The security of industrial control systems (ICS) and industrial IoT solutions has never been more important. High-profile attacks against critical infrastructure could result in a loss of critical services, environmental damage, and even loss of life. And because these digital systems interact with the physical world, the risks cross the digital barrier into reality.
ICS systems have traditionally relied on isolation and obscurity to mitigate the risk of digital attacks. But with increasing connectivity between classic IT and operational technology (OT), this isolation is gradually disappearing. In addition, obscurity is no longer a viable defense due to standardization and vulnerability research.
Traditionally, risk management uses historically successful IT preventive controls, such as hardening, patching, SDLC, active vulnerability assessment, and tight access control. However, this is no longer enough in the OT/ICS world. Processes and people are used to operating mission-critical systems with only safety in mind, change management runs at a different pace, and trust between components is the norm. To secure the complex systems of today, a different approach is needed.
To address the problem, Conscia acts as a detective and observes OT/ICS systems in real time, responding quickly to any suspicious or anomalous behavior. This provides the following benefits:
- Fast detection of intruders and malicious code (minutes to hours), enabling extremely quick response processes to limit damage and business loss. For comparison, attackers spent 6 months examining the target ICS in the 2015 Ukraine power distribution attacks.
- No change and no interference with existing OT applications and processes, to ensure uninterrupted operations using today’s technology.
Our solution is based on OT network data capture and anomaly-based analysis and detection, using completely passive network sensors at the customer site. By creating baselines of known good system behavior, we can detect suspicious or malicious deviations and known, specific attacks against the system.
Our solution can be operated by your business or managed by Conscia’s Security Operations Center (SOC). Our analysts are trained in ICS/OT risks and vulnerabilities and react to alerts with the help of extensive automation.