The SCADAguardian platform allows undetected cyberattacks to emerge thanks to real-time behavior analysis
According to the CMC Group, undetected cyberattacks can increase the number of cyberattacks to our critical infrastructures by up to 45%, which, according to the latest data available, were 134 in 2015
Madrid, November 15, 2016 – Spanish multinational consultancy Group CMC has signed an agreement with Nozomi Networks that extends Nozomi Networks’ solutions to customers in Spain. This gives operators in the región access to new tolos for strengthening and speeding the detection of cyber attacks on critical industrial infrastructures.
The solution, SCADAguardian, reduces attack detection time, which currently stands at an average of between 60 and 150 days, to only hours. This is possible thanks to the integration of artificial intelligence and machine learning for real-time detection of security problems. It should be noted that Nozomi Networks has just secured a funding round of $ 7.5 million, due to the potential of this technology in the cybersecurity environment.
In total, 18,232 cyber incidents were managed in 2015, 41% more than in 2014 and of them, according to the National Cryptological Center’s Safety Incident Response Team (CCN-CERT), 430 were considered as serious. As regards critical infrastructures (134 attacks), 66% were also classified as serious and the sectors most affected were energy, water and food. All players in this market are sure that these figures will continue to increase. In fact, the forecast is that in 2016 will end 25,000 cyber attacks against public administration systems and companies of strategic interest to the country.
In this regard, and according to the CMC Group, industrial installations are especially vulnerable to attacks, as a result of the increasing automation of this sector, the expansion of Internet of Things (IoT) or the rise of the Industry 4.0 concept.
According to Jaime Hortelano, CEO of Group CMC, “the world is divided into organizations that are aware that they are attacking them and organizations that do not even know they are being attacked. This ignorance is incompatible with the requirement to ensure the safety of critical systems that control strategic services such as energy and water supply and other industrial infrastructures.” With this new technology, we eliminate that ignorance and offer the possibility of minimizing the time to detect them.”
According to Edgard Capdevielle, CEO of Nozomi Networks, “the number of cyberattacks in the United States has gone from one or two a year five years ago, to practically a daily attack in 2015, and the number will continue to grow.” “This data,” Capdevielle continues, “is extrapolatable to Spain and highlight the real dimension of a threat that has among its objectives critical industrial infrastructures on which strategic services depend, such as the production and supply of energy or Transport, since the technology of Nozomi Networks is already responding in more than 25 countries.”
Analyze threats in real time
Following this agreement, Group CMC launches the SCADAguardian platform in Spain, which applies behavioral analysis technologies and real-time automatic learning to detect safety issues in industrial gear. Based on this new agreement, Group CMC will implement the Nozomi Networks platform in Spain, which occupies the sixth position in the ranking of countries that receive cyberattacks, and in the countries of Europe and Latin America in which it operates.
Nozomi Networks software automatically creates a map of the environment in which it is deployed and scans its components for vulnerabilities. The detection algorithms that it incorporates also examine the configuration of each system and check if there are problems that could cause fissures before attacks.
The SCADAguardian solution is currently the most advanced on the market due to two fundamental factors: its ability to analyze network behavior and industrial infrastructure in real time and pre-detection based on firewall, and provide, in a unified, Total visibility of operations in different plants or centers through customizable control panels and easy integration into the operators’ own systems.
Its ability to operate in real time enriches the environmental information collected with real activity data and creates an updated profile of operations. The threat detection algorithms use this model as a reference to determine if a certain action corresponds to the routine behavior of the system or if, on the contrary, it is an anomalous incident that needs attention, such as massive calls to a system from a botnet.
In the latter case, the software automatically alerts itself through a notification mechanism built into the platform, which provides administrators with information about the cause of the problem. The organization can also transmit SCADAguardian activity data to its firewalls and other intrusion prevention tools to respond immediately to any incident. SCADAguardian currently monitors more than 100,000 industrial devices from multinational customers, including the Italian energy giant Enel, which provides electricity to more than 61 million customers worldwide.
About CMC Group
The CMC Group (Cognicase Management Consulting) has been operating in Spain since 1993. The firm provides management consulting services as well as solutions within the world of Information and Communication Technologies. The group employs more than 750 professionals and serves nearly 100 companies in almost all economic sectors, with a strong presence in finance, insurance, telecommunications, retail, energy and utilities, industry, transport And infrastructures, health and pharmaceuticals. CMC works for a good part of the IBEX35 companies and operates throughout Spain through its headquarters in Madrid, Seville, Barcelona, Valencia and Zaragoza. On an international level, the group, already involved in an ambitious expansion plan, is already present in Italy, UK, Portugal, Mexico and Colombia. www.grupocmc.es
About Nozomi Networks
Nozomi Networks is revolutionizing Industrial Control System (ICS) cybersecurity with the most comprehensive platform to deliver real-time cybersecurity and operational visibility. Since 2013 the company has innovated the use of machine learning and artificial intelligence to meet the unique challenges of critical infrastructure operations. Nozomi Networks delivers both cybersecurity and process anomaly detection along with industrial network visualization and monitoring, asset inventory, and vulnerability assessment. Deployed in the world’s largest industrial installations, customers benefit from enhanced cybersecurity and improved operational reliability with one end-to-end solution. Nozomi Networks is headquartered in San Francisco, California.