In the News



energy-oil-gas-logo
Summer 2017

Stay Safe: Edgard Capdevielle addresses the cyber security concerns of the energy sector

The critical role that the energy, oil and gas sectors play in the functioning of today’s economy and the rise of digitalisations of those sectors means leaving them exposed is not an option. Innovations, such as Machine Learning and Artificial Intelligence, can enhance cyber-attack detection and help companies leverage technologies to gain efficiencies in their industrial process cybersecurity programmes, as well as speeding the investigation of incidents to contain attacks before significant damage can occur. This must be the goal for everyone concerned.

Read More



insidecybersecurity-logo
July 18, 2017

New SANS survey finds growing concern over ICS attacks

A new survey by the SANS Institute sponsored by Nozomi Networks finds growing concern among cybersecurity professionals over botnet and other forms of cyber attacks aimed at industrial control systems, while noting that “4 out of 10 security practitioners lack visibility of their ICS networks.”
“When asked if control systems have been infected or infiltrated, 40% say ‘not that we know of,'” according to the survey. Sixty-nine percent of respondents rated the threat to industrial control systems as high or severe/critical.
The survey was released July 12 and was answered by cybersecurity professionals from small, medium and large organizations.

Read More



computerweekly-logo
July 18, 2017

UK industrial control systems targeted, warns leaked NCSC document

Security commentators say social engineering seems to be a key focus for the attackers behind the latest activity targeting national infrastructure.
“Targeting engineers with access to control systems with phishing messages is pretty straightforward and, if successful, could be extremely damaging,” said Andrea Carcano, founder and chief product officer at Nozomi Networks.

Read More



microgridknowledge-logo
July 17, 2017

Power Grid Cybersecurity Risks: It’s Not Only the Russians

It’s not only the Russians who pose risks to power grid cybersecurity. While they do pose some risks, there are more serious threats, especially to unprotected small- to mid-size energy companies, says a new report from the Institute for Critical Infrastructure Technology (ICIT).

Read More



information-management-logo
July 17, 2017

Ransomware threats growing for industrial control systems

Cyber security threats against industrial control systems are growing and identifying attacks continues to be a major challenge, according to an annual ICS survey by SANS Institute, a provider of security education programs.
The report, co-sponsored by security products company Nozomi Networks and others, found that while there has been some progress in protecting critical assets and infrastructure, new challenges have emerged. As part of the research, SANS gathered and analyzed raw data from hundreds of IT and ICS security practitioners across a variety of industries.

Read More



the-times-logo
July 15, 2017

Irish energy company ‘hacked by Russians’

Experts said that Ireland was being used as a testing ground for cyberwarfare by GRU teams and potentially as one of several EU countries that Russia may look to destabilise.
US officials confirmed last week that Russian government hacking teams had penetrated American nuclear and other energy companies...

Read More


information-age-logo
July 14, 2017

Risks facing industrial control systems reach all-time high

A study by the SANS Institute of hundreds of industrial control systems (ICS) practitioners and cyber security stakeholders across various vertical industries including energy, manufacturing, and oil and gas has revealed that 4 out of 10 ICS practitioners lack visibility into their ICS networks.
That means that 40% defenders are working blind unable to detect a cyber attack, find out where it is coming from and remediate it in a reasonable amount of time. That statistic is even scarier when you take into account that 67% say threats to the ICS systems are high, or severe and critical.

Read More



itproportal-logo
July 13, 2017

ICS practitioners in the dark about cyberattacks

Four out of 10 Industrial Control Security Practitioners don’t have proper visibility into their ICS networks. This is according to a new study by the SANS Institute. Based on a poll of ICS practitioners and cybersecurity stakeholders across various verticals, including energy, manufacturing, oil and gas, the report says that 40 percent of defenders are actually working blind to detect a cyber attack.

Read More



esecurityplanet-logo
July 11, 2017

Threats to U.S. Nuclear Power Plants Highlight Need for Real-Time Intrusion Detection and Prevention

Nozomi Networks CEO Edgard Capdevielle said that kind of air-gapping can no longer be counted on to offer any real protection. "We often see engineers plugging in their own devices to perform diagnostic checks," he said. "Should that person's device have been compromised, this action could unleash malware directly into the heart of each component being checked, which then crawls and burrows deeper into the infrastructure."

Read More



information-security-buzz-logo
July 10, 2017

Federal Amber Security Warning For Critical Infrastructure & Manufacturing

“Targeting engineers with phishing messages is pretty straight-forward and, if successful, could be extremely damaging. In tandem, while air-gapping offered a degree of protection, the way our nuclear plants, and any infrastructure for that matter, is maintained today means this practice is defunct. We often see engineers ‘plugging’ in their own devices to perform diagnostic checks. Should that person’s device have been compromised, this action could unleash malware directly into the heart of each component being checked, which then crawls and burrows deeper into the infrastructure. Plant managers need to be able to identify and close down anomalous behavior before damage is done. Advanced monitoring and anomaly detection solutions provide actionable intelligence that enable them to identify intrusions and take immediate steps to ensure uptime and resilience of their critical operational technology (OT) environments.”

Read More


isssource-logo
July 10, 2017

Critical Infrastructure Attacks Ongoing

The U.S. has to assume that all parts of critical infrastructure are being probed for vulnerabilities 24 by 7 from a risk management point of view,” said Andrea Carcano, co-founder and chief product officer at Nozomi Networks said. “While Information Technology (IT) and Operation technology (OT) that control the electric grid systems and other critical infrastructure are separated, there have been increasing connections that warrant the use of real-time anomaly detection and machine learning. Risk management is an ongoing process. Up to date patching and the use of artificial intelligence and machine learning helps to harden the security that guards industrial control systems.”

Read More


infosecurity-magazine-logo
July 7, 2017

Critical Infrastructure Defenses Woefully Weak

When it comes to critical infrastructure, 40% of cyber-defenders are working blind and would not be able to detect an attack, let alone find out where it is coming from and remediate it in a reasonable amount of time.
According to research from SANS Institute, four out of 10 industrial control security practitioners lack visibility into their ICS networks—a statistic that becomes even more concerning when one takes into account the fact that 69% say threats to the ICS systems are high, or severe and critical. Unprotected devices, nation-state attacks and ransomware are ranked top threats.

Read More



information-security-buzz-logo
July 6, 2017

Latest SANS Survey Finds ICS Security Risks Reach All-Time High

Nozomi Networks, the pioneer in real-time cybersecurity and operational visibility for industrial control systems (ICS), today announced ICS cybersecurity threats are growing and identifying attacks continues to be a major challenge according to the annual SANS Institute industrial control systems (ICS) survey set to be released next week. The survey, co-sponsored by Nozomi Networks and other industry leaders, finds that while there has been some progress in protecting critical assets and infrastructure, new challenges have emerged.

Read More



theneweconomy-logo
July 4, 2017

The oil and gas industry must take cybersecurity seriously

A major trend in oil and gas technology is the application of automation and machine learning to address the cybersecurity skill and manpower shortfall in the energy industry. However, as more connected devices move into the sector, so do the opportunities for more risk.

Read More



charles-tendell-show-logo
July 1, 2017

Training bigger cats to stop the #cybersecurity 9/11? With @capdevielle Of @nozominetworks‏

Shadow brokers is making its mark on the world. And with growing concerns that ransomware could cripple an organization's ability to make money. Many are turning to large scale solutions to cover their business critical systems. But what about the systems we don't think about? What about the Integrated control systems that we may not even know run our everyday lives? Edgard Capdevielle, CEO of Nozomi Networks joins the conversation

Listen



professional-security-logo
June 30, 2017

Paper on ICS assurance

This report encapsulates perfectly the need for ICS cyber-security. This is evidenced by the string of malware and ransomware attacks, with reported impact on industrial system operations, in recent months.
While there are cyber-criminals looking to liberate sensitive data for financial gain, that’s not always the case and we’re starting to see attacks that target systems to cause damage – with the motivation a little less obvious. For example, the recent discovery of Industroyer malware that is believed to have been specifically built to attack power grids. This is the second malware designed purely to disrupt physical infrastructure – the first being Stuxnet. Destructive malware is being developed, and tested, and critical infrastructure operators need to be able to identify and close down anomalous behavior before damage is done.

Read More



idgconnect-logo
June 30, 2017

News Roundup: NotPetya is the next WannaCry and then some

Another week, another massive ransomware attack based upon exploits hoarded the by NSA. The infection started with various companies in the Ukraine including freight company Maersk and the state-owned Ukrenergo and Kyivenergo have been affected. But it has since spread across Europe and beyond, including Rosneft, WPP, DLA Piper.
“Whether you believe the Ukraine is a test-bed for nation-state aggression or an issue between two specific countries, the continued barrage of attacks against Ukrainian infrastructure is disturbing,” said Edgard Capdevielle, CEO of Nozomi Networks.

Read More


sc-media-logo
June 29, 2017

Key researchers reclassify NotPetya as a wiper, suspect destruction was true motive

“The Ukraine continues to be in the cross hairs of persistent cyber attackers, said Edgard Capdevielle, CEO of Switzerland-based Nozomi Networks. "Whether you believe the Ukraine is a test-bed for nation state aggression... [or that this is] an issue between two specific countries, the continued barrage of attacks against Ukrainian infrastructure is disturbing."

Read More


isssource-logo
June 28, 2017

Ransomware Attack Part II

“The Ukraine continues to be in the cross-hairs of persistent cyber attackers,” said Edgard Capdevielle, chief executive of Nozomi Networks. “Whether you believe the Ukraine is a test-bed for nation state aggression or an issue between two specific countries, the continued barrage of attacks against Ukrainian infrastructure is disturbing.”

Read More


iiot-world-logo
June 26, 2017

ICS cybersecurity experts: back up all your data to protect yourself against Petya ransomware

Andrea Carcano, Co-Founder and Chief Product Officer of Nozomi Networks says: “If rumors prove true that this attack was initiated by the External Blue Exploit, it is a well-known vulnerability using SMB v1. SMB is a protocols used often in the industrial networks. Therefore security staff should be identifying any Microsoft systems in their ICS that could be exploited and take immediate remediation steps to patch them. This is the same vulnerability used in by last month’s WannaCry Ransomware bombardment in which hundreds of thousands of computers in critical industries were effected. It demonstrates the urgency for patching, however within ICS environments rapid patching can be difficult or impossible, which means operators must turn to advanced ICS cybersecurity monitoring to analyze the traffic and identify anomalous SMB v1 traffic. Real-time detection enables operators to take immediate steps to remediate the operational impact and ensure critical infrastructure stays up and running.”

Read More



information-security-buzz-logo
June 17, 2017

Petya Ransomware Attack

The most recent attack is reported to target IT systems and has not impacted the operational systems and industrial control systems (ICS) that control the power supply there, according to Ukrainian state power distributor, Ukrenergo. However, critical infrastructure providers around the globe should re-double their efforts to ensure proper separation of their IT and OT networks and be actively monitoring their ICS environments. This can be done by applying advanced anomaly detection systems so that they can detect and remediate any efforts to disruption operations of ICS within their critical infrastructure.

Read More



information-security-buzz-logo
June 17, 2017

Cyber Threats To UK Power Grid Raising Concerns In Energy Industry

Reports that the Energy sector are taking the threat from cyber-attacks seriously is reassuring, but it’s how they actually monitor and respond that is the key.

Read More


securityweek-logo
June 16, 2017

Industry Reactions to 'CrashOverride' Malware: Feedback Friday

Organizations with Industrial Control Systems (ICS) should know that technology is available today that provides real-time cybersecurity visibility for SOCs (Security Operations Centers) and that detects and mitigates APTs on OT systems.

Read More


recarghe-news-logo
June 13, 2017

Cybersecurity: the growing threat to renewables

Sean McCue, technical sales engineering manager at cyber-security firm Nozomi Networks, agrees. “The problem of attacks is real and getting worse,” he says. “It’s quite possible to envisage a problem involving solar panel owners who are selling power back to the grid.”

Read More


earch-security-logo
June 13, 2017

CrashOverride ICS attack targets vulnerable electrical grid

Andrea Carcano, co-founder and chief product officer for Nozomi Networks, an ICS security company based in San Francisco, said "the protocol communication used by CrashOverride is not a flaw per se."

"The threat actor merely used legitimate commands to send incorrect directions to the substation control units," Carcano told SearchSecurity "Once CrashOverride was able to penetrate the plant network, the communications it sent on the network were all using industrial protocols as they are intended to be used."

Read More


isssource-logo
June 12, 2017

ICS Malware Linked to Grid Attack

The implications of the Crash Override or Industroyer malware are significant,” said Andrea Carcano, co-founder and chief product officer for Nozomi Networks. “Unlike Stuxnet, which was designed to attack a particular uranium enrichment plant, this malware is broad-based and could affect power grids in many countries. We recommend that electric utilities monitor and improve their cyber resiliency programs, including implement real-time ICS cybersecurity and visibility solutions.”

Read More


infosecurity-magazine-logo
June 12, 2017

Industroyer Malware Detected, Linked to Kiev Attack

Andrea Carcano, co-founder and chief product officer at Nozomi Networks, told Infosecurity that from working closely with global power system companies, it knows communication protocols in depth and if the Industroyer malware infection had occurred on a system that its solution (SCADAguardian) was operating on, it would detect the unusual messages and send alerts that would help mitigate the impact.

Read More


sc-media-logo
June 12, 2017

Industroyer can knock out power grid, ESET

The implications of Industroyer malware is significant, Carcano added. "Unlike Stuxnet, which was designed to attack a particular uranium enrichment plant, this malware is broad-based and could affect power grids in many countries."

Read More



information-security-buzz-logo
June 12, 2017

Biggest Threat To Industrial Control Systems Since Stuxnet

After years of working closely with global power generators, we have seen that network communications across grids are usually very stable and that once baselined, it’s possible to detect anomalies. Unusual messages using regular power system communication protocols can be identified and flagged, and action can be taken on them before an outage occurs.

Read More


isssource-logo
June 9, 2017

Cost of a Security Incident

“Due to the dynamic nature of cyber-attacks, there are no infallible cybersecurity systems,” said Edgard Capdevielle, chief executive at Nozomi Networks. “However, the risk can be greatly reduced by implementing a layered defense involving anomaly detection with machine learning capabilities where a baseline of industrial control systems can be established and any deviations can be alerted and acted upon. Introducing machine learning and artificial intelligence into the ICS environment is key to faster and more efficient processes for securing unique industrial networks. Finally, closely following the NIST framework and best practices can also improve the risk posture of industrial control systems as standardization helps to facilitate peer-validated security architectures, protocols and guidelines.”

Read More


isssource-logo
May 31, 2017

WannaCry: Revisit (or Create) ICS Security Plan

While we can take a deep breath that WannaCry did not shut down essential services such as power systems and water systems, the malware is certainly a very loud wake-up call. Let’s look at what can be done immediately, and over the longer term, to prevent and mitigate ransomware infections to industrial systems.

Read More



plantengineering-logo
May 29, 2017

Fighting for holistic IT, OT security

The truth is while the need for cybersecurity is very apparent, enterprise and industrial networks are still often managed without a cohesive security strategy. And, even after years of being an acknowledged problem, integrated solutions are not in sight.

Read More


infosecurity-magazine-logo
May 27, 2017

SCADA HMI Devs Take 150 Days to Release Patches

Edgard Capdevielle, CEO of Nozomi Networks, argued that air-gapping SCADA systems is increasingly problematic, and instead organizations should focus on resilience through measures like network segmentation, firewalls, monitoring and prompt patching.

Read More



manufacturingtomorrow-logo
May 25, 2017

Cybersecurity in the Factory

The challenge comes in when companies introduce remote connectivity without properly evaluating the security of doing so. Each device with an IP address is a tiny pinprick in the plant’s defenses and hackers are looking for insecure connections to wreak havoc.

Read More



automationworld-logo
May 17, 2017

Will WannaCry Be Industry’s Cybersecurity Wake-Up Call?

While maintaining firmware and software updates is important, operators may fail to do so on time and every time. This means that SCADA and MES serve as a gateway for OT attacks, and therefore should be a top focus of any manufacturer’s industrial cybersecurity strategy.”

Read More



information-security-buzz-logo
May 12, 2017

Cybersecurity Industry Reaction To Trump Executive Order

“Section 2 of the order focuses on critical infrastructure and in particular, the electricity grid. It is encouraging to see the Federal Government take action that increases the urgency for improving and ensuring the reliability of the power supply within the U.S. Electric Utilities and other critical infrastructure operators should know that recent advances in technology can improve the cyber security risk management efforts called out in this Executive Order. Innovations such machine learning and artificial intelligence enable real-time monitoring and anomaly detection that offer critical infrastructure operators better tools to manage cyber risk and minimize disruptions.”

Read More



gsn-logo
May 12, 2017

Trump executive order draws praise from cybersecurity experts

Edgard Capdevielle said he was encouraged to see the country’s electricity infrastructure mentioned specifically in the order. He added that technology is available to help the utility companies become more resilient.

Read More



information-security-buzz-logo
May 7, 2017

Researchers Remotely Hack An Industrial Robot And Manipulate Its Commands

Manufacturers are always looking for ways to produce items as efficiently and cost effectively as possible, and that includes automating their production lines. The challenge is when they then take this further and introduce remote connectivity without properly evaluating the security of doing so.

Read More



information-age-logo
May 5, 2017

Industrial robots: extremely vulnerable to hacks

Edgard Capdevielle, CEO of Nozomi Networks suggests the future challenge in protecting industrial robots is “when they then take this further and introduce remote connectivity without properly evaluating the security of doing so. Each device with an IP address is a tiny pinprick the plant’s perimeter defences and hackers are looking for these insecure connections to wreak havoc.”

Read More


iotone-logo
May 5, 2017

Two Reasons For The ICS Cybersecurity Deficiency

The truth is that while the need for cybersecurity is very apparent, enterprise and industrial networks alike are still often managed without a cohesive security strategy.

Read More



information-security-buzz-logo
May 1, 2017

New SCADA Flaws Allow Ransomware, Other Attacks

We need to rethink security so it’s designed in from the outset, so as new technology and working practices are implemented within the ICS and SCADA infrastructure it is secure to prevent threats – such as ransomware, causing widespread damage.

Read More


automationworld-logo
April 27, 2017

Nozomi Networks Delivers First End-to-End Platform for Improved ICS Cybersecurity and Operational Reliability

Nozomi Networks Inc., the pioneer in real-time cybersecurity and operational visibility for industrial control systems (ICS), today realized another industry milestone with its latest release of SCADAguardian. The trusted solution for cybersecurity risk detection is now the industry’s first solution to support both operational visibility and ICS cybersecurity with new modules for Asset Management and Vulnerability Assessment. It also introduces innovative Dynamic Learning for configuration-free deployments. This gives energy utilities, oil and gas operators and manufacturers the industry’s only single solution to comprehensively monitor control networks for cybersecurity and operational anomalies.

Read More


isssource-logo
April 26, 2017

Fighting for Holistic OT/IT Security

The truth is while the need for cybersecurity is very apparent, enterprise and industrial networks are still often managed without a cohesive security strategy. And, even after years of being an acknowledged problem, integrated solutions are not in sight.

Read More


iiot-world-logo
April 25, 2017

Two Reasons for the ICS Cybersecurity Deficiency

When it comes to industrial cybersecurity; governments know they need to improve it, industry knows it needs to better understand it, and system integrators/automation vendors know they need to offer it. If you fall within any of these categories, ask yourself “What’s your industrial cybersecurity strategy for 2017?”

Read More


information-security-buzz-logo
April 25, 2017

Power Outages In 3 Major Cities Prompting Grid Concerns

“Outages, such as those experienced last week highlight the importance of the power grid in keeping cities moving, homes warm or even simply brewing coffee. Operators of industrial control systems need the ability to automatically identify potential issues in real-time – whatever is the underlying cause, to speed the investigation of incidents and ultimately contain attacks or system failures before significant damage can occure”

Read More


information-security-buzz-logo
April 23, 2017

BrickerBot As A Threat To Industrial Control Systems

Operators should implement the mitigations recommended by ICS -CERT, which include verifying that their control systems are deployed securely and that no devices have an Internet accessible configuration. In addition, as the U.S. Department of Homeland Security recommends, they should use network behavioral analysis to detect anomalies in traffic and take appropriate action.

Read More


securityweek-logo
April 20, 2017

ICS-CERT Warns of BrickerBot's IoT Device Damaging Capabilities

“BrickerBot is obviously a threat to OT systems," Edgard Capdvielle, CEO of Nozomi Networks, told SecurityWeek. "Should Industrial Control Systems (ICS) components to suddenly fail without warning, the effects could be significant. Industrial automation systems could experience abnormal behavior or event outages."

Read More


rigzone-logo
April 14, 2017

Improve Your Plant's Cybersecurity Now That the Wireless 'Genie' Is Out

"The race to digitally connect industrial components has meant that many elements that would once have resided safely within the infrastructure are now laid bare for anyone to find," said Edgard Capdevielle, CEO of Nozomi Networks, which produces cybersecurity software for industrial control systems (ICS).

Read More


iiot-world-logo
April 12, 2017

CS Security Lags In U.S. Oil And Gas Industry

The fact that insiders – whether criminal or negligent, are a top cyber security threat substantiates the need for ICS real-time monitoring and process anomaly detection. Control system traffic is fairly predictable so, by establishing a baseline of ICS network communications and conducting continuous monitoring for anomalies, anything that deviates from expected behavioral patterns is an anomaly worth analyzing. Furthermore, it would be very valuable to identify if these anomalies are due to malicious activity or unintentional errors that could cause process impacts/disruptions – whether from internal or external sources.

Read More



eandt-logo
April 11, 2017

Pay up or else: the ransomware threat to your business

“While it is argued that ICS and SCADA systems are segregated, the reality is that the ‘wall’ which separates OT and IT is permeable – the adoption of Ethernet, and other standard network technologies, delivers benefits in industrial controls, but also introduces risk,” says Edgard Capdevielle, CEO at Nozomi Networks. “Just as it is hard to avoid the Earth’s gravitational pull, the introduction of Ethernet draws in more layers of connectivity.”

Read More



thecyberwire-logo
April 4, 2017

The CyberWire Daily Podcast for 04.04.17

Airports and nuclear power plants in the U.S. and U.K. are on alert for cyberattacks after governments in both countries issued alerts. “The original warning to nuclear stations was published in the government's five-year Civil Nuclear Cyber Security Strategy back in February, and you can be assured that the recommendations have not been ignored.”

Read More


sc-media-logo
April 3, 2017

U.S., U.K. warn airports, nuclear facilities of cyberattacks

Airports and nuclear power plants in the U.S. and U.K. are on alert for cyberattacks after governments in both countries issued alerts. In addition to intelligence that prompted the U.S. to ban laptops and other devices in passenger cabins of certain airlines to thwart terrorists attempting to bring explosives on board, the Telegraph reported that officials worried that bad actors might also attempt cyberattacks on airports and nuclear facilities.

Read More



information-security-buzz-logo
March 30, 2017

Almost 40 Per Cent Of Industrial Computers Faced A Cyberattack In The 2nd Half Of 2016

“The issue is that security in control systems today is bolted on rather than designed in. These cumbersome and often manual configurations don’t naturally fit with the complexity of industrial installations that were never designed to be connected to the outside world, nor fall within the skill set of industrial engineers who find themselves tasked with managing them. We need to rethink security so it’s designed in from the outset, so as new technology is implemented in ICS and SCADA infrastructure it is secure and as new threats – such as ransomware, emerge they are thwarted. But that will take time.

Read More



professional-security-logo
March 29, 2017

Industrial attention

“The issue is that security in control systems today is bolted on rather than designed in. These cumbersome and often manual configurations don’t naturally fit with the complexity of industrial installations that were never designed to be connected to the outside world, nor fall within the skill set of industrial engineers who find themselves tasked with managing them. We need to rethink security so it’s designed in from the outset, so as new technology is implemented in ICS and SCADA infrastructure it is secure and as new threats – such as ransomware, emerge they are thwarted. But that will take time.”

Read More



securityintelligence-logo
March 27, 2017

ICS Infections Are Fewer Than Previously Thought

Edgard Capdevielle, CEO of Nozomi Networks, told Bleeping Computer, “Historically, ICS was designed to be completely segregated and confined by physical boundaries. However, each new IP address punches another hole in the metaphorical wall that separates information technology and operational technology.” Having more industrial systems connecting to the internet means more targets for cybercriminals.

Read More


networkworld-logo
March 27, 2017

Products of the Week: SCADAguardian

Key features: now supports both operational visibility and ICS cybersecurity with new modules for Asset Management and Vulnerability Assessment. It also introduces innovative Dynamic Learning for configuration-free deployments.

Read More


tenlinks-logo
March 27, 2017

Nozomi Networks Announces SCADAguardian v17.0

For industrial operators, tracking assets and knowing their configuration and firmware versions, as well as other attributes, is often a lengthy manual process that is prone to human error and hard to keep up-to-date. SCADAguardian 17.0 automates asset tracking, keeps information current, and makes it easy to visualize, find and drill down on asset information such as software and hardware versions. Alerts, consolidated into context-aware incidents, notify operators of changes that may indicate a cybersecurity or operational incident.

Read More



energyintel-logo
March 27, 2017

The Coming Cyberstorm

IT cycles occur every three to five years and innovation is key; industrial infrastructure life cycles — such as those in oil and gas — are much longer, and revenue is king, according to Edgard Capdevielle, CEO of industrial cyber security company Nozomi Networks. Essentially, companies are saying: Why risk upsetting operational reliability and uptime by updating our cybersecurity? Sensitivity to commodity prices is another factor. “Currently regulation is very light, so without a vision or commitment, you won’t have much investment in this area until commodity prices have fully recovered,” he said.

Read More



information-security-buzz-logo
March 24, 2017

3,000 Industrial Plants Infected With Malware Each Year

“Currently, security in control systems today is bolted on rather than designed in and that’s like selling a car with seatbelts as an optional extra. We need to rethink security so its designed in from the outset, so as new technology is implemented in ICS and SCADA infrastructure it is secure and as new threats – such as ransomware, emerge they are thwarted.”

Read More



information-security-buzz-logo
March 24, 2017

3,000 Industrial Plants Infected With Malware Each Year

“Currently, security in control systems today is bolted on rather than designed in and that’s like selling a car with seatbelts as an optional extra. We need to rethink security so its designed in from the outset, so as new technology is implemented in ICS and SCADA infrastructure it is secure and as new threats – such as ransomware, emerge they are thwarted.”

Read More


networkworld-logo
March 22, 2017

Critical infrastructure: Off the web, out of danger?

Edgard Capdevielle, CEO of Nozomi Networks, also said connections to the corporate network are a risk. “While industrial traffic may not go through the internet to get from one site to another, all these networks often have a physical path to the outside and are therefore exposed,” he said. “Firewalls help provide segmentation in the network, but the exposure still exists.”

Read More


theregister-logo
March 22, 2017

Malware 'disguised as Siemens software drills into 10 industrial plants'

Edgard Capdevielle, chief exec at industrial control security specialists Nozomi Networks, said: "That ICS themed malware exists is not surprising, but it is concerning. The reality is that ICS networks today face all the same security challenges as every other IT network, but lack similar security options.

Read More


csoonline-logo
March 22, 2017

Critical infrastructure: Off the web, out of danger?

Edgard Capdevielle, CEO of Nozomi Networks, also said connections to the corporate network are a risk. “While industrial traffic may not go through the internet to get from one site to another, all these networks often have a physical path to the outside and are therefore exposed,” he said. “Firewalls help provide segmentation in the network, but the exposure still exists.”

Read More



bleepingcomputer-logo
March 22, 2017

Most Industrial Control Systems Get Infected with Malware by Accident

"Historically ICS was designed to be completely segregated and confined by physical boundaries. However, each new IP address punches another hole in the metaphorical wall that separates Information Technology (IT) and Operational Technology (OT)," Edgard Capdevielle, CEO, Nozomi Networks tells Bleeping Computer.

"Having established IT connectivity it’s difficult to put the genie back in the bottle," he adds. "Currently, security in control systems today is bolted on rather than designed in and that’s like selling a car with seatbelts as an optional extra."

Read More


isssource-logo
March 22, 2017

Nozomi Updates SCADAguardian

Nozomi Networks Inc. issued its latest release of SCADAguardian, a cybersecurity risk detection solution. The release supports operational visibility and ICS cybersecurity with new modules for Asset Management and Vulnerability Assessment. It also introduces Dynamic Learning for configuration-free deployments. This gives energy utilities, oil and gas operators and manufacturers a solution to monitor control networks for cybersecurity and operational anomalies. “At Vermont Electric our mission is to provide safe, affordable, and reliable energy services to our members,” said Kris Smith, SCADA and operations engineering manager. “In order to do that, we need both operational visibility and cybersecurity protection for our critical operations systems.”

Read More


foresternetwork-logo
March 20, 2017

Nozomi Networks Delivers First End-to-End Platform for Improved ICS Cybersecurity and Operational Reliability

Latest release of SCADAguardian integrates modules for Asset Management and Vulnerability Assessment, creating a comprehensive solution for critical infrastructure.

Read More



channele2e-logo
March 20, 2017

5 Channel Partner Updates: 20 March 2017

Cybersecurity Risk Detection: Nozomi Networks Inc., which specializes in real-time cybersecurity and operational visibility for industrial control systems (ICS), has launched a new SCADAguardian release. It now features Asset Management and Vulnerability Assessment capabilities. Moreover, Dynamic Learning offers configuration-free deployments, the company claims. The platform targets energy utilities, oil and gas operators and manufacturers that want to monitor control networks for cybersecurity and operational anomalies.

Read More



sc-media-logo
March 14, 2017

Can machine learning & AI protect critical infrastructure from cyber-attacks?

Moreno Carullo examines how machine learning and AI can be deployed to protect physical infrastructures from cyber-attack.

Read More



downstream-today-logo
March 14, 2017

How to Improve Your Plant’s Cybersecurity with the Wireless ‘Genie’ Out

In a recent conversation with DownstreamToday, Nozomi Networks CEO, Edgard Capdevielle, elaborated on the cyber-security vulnerabilities of wireless systems, emerging weapons to combat these threats and more. Read on for his insights.

Read More


iiot-world-logo
March 8, 2017

Top ICS/SCADA Cybersecurity start-ups to watch for in 2017

Nozomi Networks has been delivering cybersecurity and operational visibility solutions for industrial control systems (ICS) since 2013. The company was founded by Andrea Carcano, an authority in industrial network security and Moreno Carullo an expert in artificial intelligence. By applying network behavioral analytics to ICS environments, Nozomi Networks’ flagship product, SCADAguardian delivers real-time visibility into process network communications and configurations. Its ICS network mapping and automated process analysis detects cyber-attacks and operational missteps for immediate remediation.

Read More


infosecurity-magazine-logo
February 24, 2017

US Oil and Gas Firms Woefully Exposed to Cyber Threats

Nozomi Networks CEO, Edgard Capdevielle, argued that real-time monitoring and process anomaly detection are vital to spot signs of a breach.

“The combination of rapidly advancing digitally connected industrial components against an escalating threat landscape, with operators facing energy price pressures which in turn can restrain investments, have combined to create a truly testing environment that’s balanced on a knife-edge,” he added.

Read More



information-security-buzz-logo
February 23, 2017

Systems Admin Jailed After Hacking Ex-Employer

Following the reports emerged that a disgruntled employee had hacked the control systems of his ex-employer a paper factory, causing over a million dollars in damage. Reacting to the news, Morena Carullo, Co-Founder and CTO at Nozomi Networks commented, “This is not the first time we’ve seen malicious damage caused by a disgruntled ex-employee. What it highlights is the very serious implications when basic cyber security practices are ignored.”

Read More



itproportal-logo
February 16, 2017

Rogue squirrels or humans – limiting the damage is what’s important

The recent Cyber Squirrel Project report captured the imagination of many. While the image of rogue squirrels storming a nuclear power plant is amusing, the scale of the threat they pose is relatively tame. However it shouldn’t be ignored and for that reason the report should be applauded as it highlights a very important issue – that critical infrastructure is under constant threat of disruption.

Read More


infosecurity-magazine-logo
February 15, 2017

Ransomware Demo Holds Industrial Systems Hostage

Edgard Capdevielle, CEO at Nozomi Networks, argued that hackers have already been able to turn the lights off in Ukraine by attacking power stations there, and claimed human lives could be at risk if industrial systems become a major target for hackers.

Read More



information-security-buzz-logo
February 15, 2017

New Ransomware To Target Industrial Systems

The demonstration by researchers of Georgia Institute of Technology at RSA, showing how water treatment PLCs [programmable logic controllers] can be susceptible to ransomware, is cause for concern – but not unsurprising. The difference between an enterprise falling foul of malware, and a water treatment plant, is the severity of the potential impact as the attack vectors are the same.

Read More



information-security-buzz-logo
February 14, 2017

UK Hit By 188 High-Level Cyber-Attacks In Three Months

Philip Hammond is right in his observation that the risks of escalating cyberattacks extend far beyond the Internet of Things (IoT) from ‘hacked kettles and fridges to cars.’ It’s the really big ‘things’ like power plants, transportation systems, water, and other infrastructure that are worth special protective measures, from both industry and governments, whether the threat comes from foreign governments, terrorists, hacktivists, or well-organised criminal organisations.

Read More



land-mobile-logo
January 30, 2017

Wireless comms in manufacturing: improving safety and efficiency

There’s growing use of machine learning to provide users with greater visibility of industrial processes. Andrea Carcano, co-founder of and chief product officer at Nozomi Networks, says that this has several benefits. From a cybersecurity perspective it allows a system to interpret commands and understand if someone’s attempting to disrupt the manufacturing process. A classic example of this type of attack is Stuxnet – a worm identified in 2010 – which is believed to have altered the behaviour of uranium enrichment centrifuges to slow down Iran’s nuclear development programme.

Read More


infosecurity-magazine-logo
January 27, 2017

Interview: Andrea Carcano, Nozomi Networks

Talking to chief product officer and co-founder of Nozomi Networks Andrea Carcano, he said that even after the lessons learned from Stuxnet, there is little in the way of authentication or encryption in modern SCADA systems. Particularly once inside the network, he said that the only thing you need to know is the language of the programmable logic controller (PLC) or remote terminal in order to gain access.

Read More



information-security-buzz-logo
January 21, 2017

Squirrel Threat To Critical Infrastructure

“While the image of rogue squirrels storming a nuclear power plant is amusing, the scale of the threat they pose is relatively tame. According to Cyber Squirrel 1, having tracked 1,700 animal related outages, just 5 million people were affected – a crude calculation puts that at almost 3,000 per outage. In contrast, if a malicious actor successfully penetrates the critical infrastructure, the scale of the devastation has the potential to be immense. An illustration is the very targeted cyber attack launched against the Ukraine in 2015, that single event affected 225,000 people.

Read More


crn-logo
January 17, 2017

15 IT Startups That Hauled In Big Funding In Q4 2016

15 IT Startups That Hauled In Big Funding In Q4 2016

Read More


nice-news-logo
January 15, 2017

It could happen here: Ukraine's power station hack is a stark warning to other countries

“Western critical infrastructure organisations need to move to aggressively protect operational systems that control the flow of power, water, energy from cyber attacks,” Andrea Carcano, Founder of Nozomi Networks, told VICE News.

Read More



information-security-buzz-logo
January 13, 2017

Ukraine Power Grid Hacked Again

“While hardly a surprise that this has now been confirmed as a cyber attack, it demonstrates a worrying trend. I think the suggestion that the Ukraine is being used as a ‘testbed for refining attacks’ is highly likely and what’s particularly concerning is that the attackers could have caused far more damage than they did.

Read More



information-age-logo
January 12, 2017

Power cut in Ukraine a cyber attack

Andrea Carcano, founder and chief product officer at Nozomi Networks said, “While hardly a surprise that this has now been confirmed as a cyber attack, it demonstrates a worrying trend. I think the suggestion that the Ukraine is being used as a ‘testbed for refining attacks’ is highly likely and what’s particularly concerning is that the attackers could have caused far more damage than they did.”

Read More


infosecurity-magazine-logo
January 12, 2017

Ukraine Power Outage Confirmed as Cyber Attack

“This illustrates that there are adversaries, with both intent and ability, to launch attacks and cause damage to the critical infrastructure of every country around the globe, and this threat must not be ignored,” argued Nozomi Networks founder Andrea Carcano.

“Cyber resiliency through defence in-depth measures is needed, and that includes network segmentation, firewalls and visibility solutions. All protectors must re-examine their ICS cybersecurity programs carefully and arm themselves with technology that will enable them to detect and respond to attacks, in real time, if they’re to keep the attackers out and the power on.”

Read More



siliconAngle-logo
January 11, 2017

The IT-OT convergence: protecting operational technology in the cloud age | #ACCELERATE2017

At Fortinet Accelerate, Edgard Capdevielle, president and CEO of Nozomi Networks Inc., met with Lisa Martin (@Luccazara) and Peter Burris (@plburris), co-hosts of theCUBE, SiliconANGLE Media’s mobile live streaming studio, to discuss OT security, IT practices and how the two are coming together.

Read More


thecube-logo
January 10, 2017

theCUBE Interviews Nozomi Networks CEO Edgard Capdevielle at Fortinet Accelerate ‘17

“Attacks have increased in frequency and in use cases. In 2015, the Department of Homeland Security recorded 295 industrial cyber attacks in our nation’s critical infrastructure. We’ve gone from one attack a year in 2010 to once a day in 2015”


Read More


isssource-logo
January 9, 2017

Nozomi Automates Risk Detection

Relative industry newcomer, Nozomi Networks released the latest version of SCADAguardian, which allows engineers and operators to protect against cybersecurity attacks, monitor processes and manage ICS environments.

Read More



idgconnect-logo
January 5, 2017

What will be the single biggest security threat of 2017?

“IoT and IIoT devices offer a false sense of ‘magic’ and intelligence in controlling the physical world, but they are not designed to be as intelligent to protect the system they are controlling. Think about the recent IoT-botnet attack, the Ukraine attack, etc – all were made possible by inadequate security architectures/solutions of such complex cyber-physical systems.”
Moreno Carullo, Co-Founder & CTO at Nozomi Networks

Read More


gtm-logo
January 4, 2017

The Real Cybersecurity Issues Behind the Overhyped ‘Russia Hacks the Grid’ Story

Companies typically rely on the separation between corporate IT networks and OT systems to bar entry from one to the other. But “we’re too comfortable relying on that separation,” Edgard Capdevielle, CEO of industrial control system cybersecurity startup Nozomi Networks, said in a Tuesday interview. With the increasing level of automation and interconnection between IT and OT, “that is a permeable wall; it is not a brick wall," he said.

Read More



information-security-buzz-logo
December 13, 2016

German Steel Maker ThyssenKrupp Hack

Following the news that ThyssenKrupp has suffered a cyber-attack, Andrea Carcano, Founder and Chief Product Officer at Nozomi Networks commented below.

“Steel mills and other critical infrastructure components are now in the cross-hairs of sophisticated and well organised hackers whose goals of malicious disruption are broad and varied. Stepping up the detection of cyberattacks of IP theft and, more importantly, the industrial control systems that operate critical infrastructure facilities from manufacturing to energy production will lead cybersecurity priorities in 2017.”

Read More


infosecurity-magazine-logo
December 9, 2016

Steel Giant ThyssenKrupp Hit by Major Cyber Attack

Andrea Carcano, founder of Nozomi Networks, argued that steel mills are now very much in the cross-hairs of organized crime gangs.

Read More


ibtimes-logo
December 9, 2016

Hackers hit ThyssenKrupp stealing trade secrets in 'massive' cyberattack

Carcano cautioned: "Steel mills and other critical infrastructure components are now in the cross-hairs of sophisticated and well organised hackers whose goals of malicious disruption are broad and varied. Stepping up the detection of cyberattacks of IP theft and, more importantly, the industrial control systems that operate critical infrastructure facilities from manufacturing to energy production will lead cybersecurity priorities in 2017."

Read More


darkreading-logo
December 8, 2016

Data Theft At ThyssenKrupp Highlights Industrial Espionage Threat

Andrea Carcano, founder of Nozomi Networks a company that specializes in ICS security, speculated that the threat actors might have had a multi-step attack in mind. The goal might have been to steal IP such as design and production information, and then to use it to plan a more devastating attack in future.

Read More


interempresas-logo
November 22, 2016

CMC firma un acuerdo con Nozomi Networks e introduce en España una tecnología que reduce la detección de ciberataques

La consultora multinacional española Grupo CMC ha firmado un acuerdo con Nozomi Networks para introducir en España una de las tecnologías más avanzadas del mundo para reducir de manera drástica el tiempo de detección de ciberataques a infraestructuras críticas industriales, así como la identificación de otros que ni siquiera son detectados. Según Grupo CMC, éstos últimos pueden llegar a incrementar hasta en un 45% el número real de ataques a este tipo de instalaciones que, según los últimos datos disponibles, fueron 134 en 2015.

Read More



muycomputerpro-logo
November 20, 2016

CMC firma un acuerdo con Nozomi Networks

La consultora multinacional española Grupo CMC ha firmado un acuerdo con Nozomi Networks para introducir una tecnologías que reduzca de manera drástica el tiempo de detección de ciberataques a infraestructuras críticas industriales, así como la identificación de otros que ni siquiera son detectados. Según Grupo CMC, estos últimos pueden llegar a incrementar hasta en un 45% el número real de ataques a este tipo de instalaciones que, según los últimos datos disponibles, fueron 134 en 2015.

Read More



globbpartner-logo
November 17, 2016

Grupo CMC incorpora la detección temprana de ciberataques de Nozomi Networks

La consultora Grupo CMC ha llegado a un acuerdo con la firma Nozomi Networks, especializada en soluciones de visibilidad operativa y ciberseguridad para sistemas de control industrial (ICS), para su comercialización en el mercado español de su plataforma SCADAguardian.

Read More



friscofastball-logo
November 7, 2016

Form D Action: Nozomi Networks $7.55 million Fundraising. Edgard Capdevielle Released Nov 7 D Filing

Nozomi Networks, Inc., Corporation just released form D for $7.55 million equity financing. This is a new filing. Nozomi Networks was able to sell $7.55 million. That is 100.00% of the financing offer. The total private financing amount was $7.55 million. The form was filed on 2016-11-07. The reason for the financing was: unspecified.

Read More


networkworld-logo
October 31, 2016

New products of the week 10.31.16

"SCADAguardian delivers advanced cybersecurity and operational visibility of industrial networks. This latest release bridges machine learning and behavioral analytics with ICS cybersecurity to automate risk detection for faster response times."

Read More


sdxcentral-logo
October 28, 2016

SDxCentral Weekly News Roundup — October 28, 2016

"Security company Nozomi Networks has completed a $7.5 million Series A round of funding."

Read More



ictjournal-logo
October 27, 2016

La start-up tessinoise Nozomi Networks lève 7,5 millions de dollars

"Nozomi Networks, start-up suisse, annonce avoir levé 7,5 millions de dollars dans le cadre d’un tour de table de série A. Basée jusqu’ici au Tessin, la firme vient d’ouvrir un siège dans la Silicon Valley. Les nouveaux fonds vont aussi lui permettre de travailler à élargir le nombre d’utilisateurs de sa solution phare, SCADAguardian."

Read More



securityweek-logo
October 26, 2016

Industrial Cybersecurity Firm Nozomi Networks Raises $7.5 Million

"Investors believe that Nozomi has a strong and early product in an increasingly vital area...
Christian Renaud, an analyst with 451 Research, believes that SCADAguardian is right for that opportunity."

Read More




xconomy-logo
October 25, 2016

Nozomi Networks Obtains $7,500,000 Series A Round

"With this funding, the company is establishing corporate headquarters in the United States, in addition to Switzerland, to effectively address growing market demands worldwide."

Read More


fortune-logo
October 24, 2016

Term Sheet - Monday, October 24

Venture Capital Deals
"Nozomi Networks, a Menlo Park, Calif.-based provider of cybersecurity and operational visibility for industrial control systems, has raised $7.5 million in Series A funding. GGV Capital and Lux Capital co-led the round, and were joined by return backer Planven Investments."

Read More



strictly-vc-logo

October 24, 2016

Fortinet opens new ‘fabric ready’ technology partner program

"Nozomi Networks, a three-year-old, Menlo Park, Ca.-based maker of cybersecurity and operational visibility for industrial control systems, has raised $7.5 million in Series A funding co-led by GGV Capital and Lux Capital, with participation from existing investor Planven Investments SA."

Read More





siliconAngle-logo
October 24, 2016

Security startup Nozomi raises $7.5 million to protect industrial equipment

"The cash infusion will enable the startup to widen the adoption of its SCADAguardian platform, which uses machine learning technology to detect security issues in industrial gear."

Read More



inn-logo

October 24, 2016

Nozomi Networks Delivers Industry Proven Cybersecurity and Operational Visibility for Industrial Networks

“Nozomi’s SCADAguardian solution helps address a key customer concern in the deployment of IoT in critical infrastructure.”

Read More



inn-logo

October 24, 2016

Nozomi Networks Secures $7.5 Million in Series A Funding to Protect Critical Infrastructure

"GGV Capital and Lux Capital co-led the investment round with participation from existing investor Planven Investments SA. Glenn Solomon, Managing Partner at GGV Capital, and Bilal Zuberi, Partner at Lux Capital, will join the board of directors as part of the financing."

Read More




pe-hub-logo

October 24, 2016

Nozomi Networks scores $7.5 mln Series A

"Capital and Lux Capital led the round with participation from return backer Planven Investments SA. In addition to the funding, Glenn Solomon, a managing partner at GGV Capital and Bilal Zuberi, a partner at Lux Capital, have been added to Nozomi’s board of directors."

Read More




finsmes-logo

October 24, 2016

Nozomi Networks Raises $7.5M in Series A Funding

"Nozomi Networks, a Menlo Park, Calif.- and and Mendrisio, Switzerland-based provider of a cybersecurity and operational visibility platform for industrial control systems (ICS), completed a $7.5m Series A round of financing."

Read More




medium-logo

October 24, 2016

"Nozomi Networks — our investment in real-time visibility and cyber security of industrial control networks

Edgard Capdevielle, Andrea Carcano, and Moreno Carullo are a phenomenal team. They have a deep background and understanding of complex industrial systems, and fully appreciate how both IT and OT (operational technologies) need to work together to implement solutions to fully harness the value proposition."

Read More



goinglongblog-logo
October 24, 2016

Congratulations Nozomi Networks on Raising a $7.5M Series A Financing

"Congratulations Nozomi Networks on raising a $7.5 million Series A financing. Our team at GGV Capital is excited to be working with Nozomi and I’m delighted to have joined the company’s board of directors. Nozomi is a true innovator in helping monitor and secure industrial control systems (ICS)."

Read More


crn-logo
Sept. 29, 2016

5 Companies That Came To Win This Week

"The Security Fabric ecosystem is expected to make it easier for solution providers to pair Fortinet's products with products from other vendors, increasing the strategic value of the solutions that partners can provide. The first batch of partners includes Nozomi Networks."

Read More





nomics-logo

Sept. 28, 2016

Fortinet opens new ‘fabric ready’ technology partner program

"Fortinet has opened its new Fabric-Ready partner program to extend its cyber security ecosystem to validated third-party solution developers including Nozomi Networks."

Read More





crn-logo
Sept. 26, 2016

Fortinet Expands Security Fabric With New Technology Partner Program, SIEM Integrations

The new Partner Program opens up the Security Fabric ecosystem to validated third-party vendors, with peer-to-peer integration and commitments to ongoing interoperability and go to market. The first batch of partners include a cross-section of endpoint, cloud, SIEM, management and vulnerability vendors, including Nozomi Networks.

Read More





lux-logo

Sept. 2016

Company Profile for Nozomi

"Nozomi has impressive traction for a young company with several large industrial enterprises operating at scale commercial deployments – industrial clients should engage to secure their increasingly connected enterprises."

Read More





businessreporter-logo

May 18, 2016

Nozomi Networks protects critical infrastructure from cyber attacks

Nozomi Networks founder, Andrea Carcano, is interviewed about cybersecurity for power plants. Andrea provides the 3 key questions operators need to ask about ICS security solutions and explains how Nozomi’s technology is safe for industrial systems and effective in detecting cyber threats.

Read More





451-logo

April 12, 2016

Nozomi Networks secures industrial control systems with SCADAguardian

"The Swiss security startup delves deeply into critical infrastructure using machine learning and protocol inspection to detect real-time anomalous behavior in the network and security holes before they are exploited."

Read More

logo