Many industrial organizations with critical infrastructure—including those in transportation and manufacturing verticals—find that after obtaining a budget for OT monitoring and cybersecurity, their problem is not solved. They’re now faced with managing the deployment, operations, and utilization of an OT/IoT security solution without sufficient skilled resources.
That’s where Managed Security Solution Providers (MSSPs) play a vital role. They fill an essential gap in the market by delivering cost-effective expert cyber-physical security services to enterprises.
At Nozomi Networks, we offer advanced operational technology (OT) and industrial IoT (IIoT) cybersecurity solutions to MSSPs as a component of a managed security offering. To ensure that end-customers receive the full benefits of our visibility and security solutions through their partner of choice, Nozomi Networks endorsed MSSPs are required to complete a certification and training program.
IBM and Nozomi Networks have been working together for five years, and we’re thrilled that IBM Security recently completed our MSSP Elite Partner certification. They’re now including the Nozomi Networks solution platform as part of their portfolio of managed security service offerings.
If your organization is committed to improving cyber resiliency but do not have the in-house resources to do so, the Nozomi Networks / IBM Security MSSP offering might be just the ticket for you.
We sat down with IBM Security to learn more about their MSSP offering and why they chose our solution for OT/IIoT cybersecurity.
Tell us about IBM’s MSSP offering – how did it begin and how has it evolved?
Over the last couple of years, several of IBM’s enterprise security clients inquired about extending their X-Force Threat Management (XFTM) services into OT.
We recognized that partners were needed to prove out the extension of the XFTM solution into OT. IBM Security needed OT partners willing to:
- Integrate their solutions with QRadar
- Support the IBM Security Service Product Managers, Architects, and Engineers as IBM Security built the integrated IT/OT threat management solution
- Help train our sellers on how to position the joint OT solutions with our clients
- Help train our consulting teams on how to tailor partners’ technology to the client’s unique business and operational requirements
- Train our managed services delivery teams on how to analyze and process sensor data
- Learn with IBM Security how to deliver an integrated IT/OT solution to mutual clients
We thus began the search for the right partner.
Tell us about your MSSP customers – what are their primary industries and what’s driving them to MSSP solutions?
IBM Security clients have typically come from the manufacturing, distribution, and transportation industries. The standardized IBM Security XFTM for OT offering supports these industries, plus others including oil and gas exploration and refining, chemicals and petroleum, mining, energy generation and transmission.
In short, what’s driving them to MSSP solutions is complexity. Many of our clients have admitted that after securing budget for OT monitoring, they were surprised to see how difficult operating an OT cybersecurity program is without the right resources. This is where IBM and Nozomi Networks have been able to add a lot of value.
Monitoring and managing the OT environment is no trivial undertaking. Even something as simple as keeping logs up to date is an entangled process. Environments must be prepped, and teams need to gain an understanding of network segmentation and OT processes. Finally, risk must be assessed before any implementation can take place.
An example of this is where one of our transportation clients is currently routing network device information from their Security Operations Center (SOC) through a secondary cybersecurity solution has been identified as having gaps in OT coverage.
The client did not want to completely replace what they had established, so IBM and Nozomi Networks came in with the solution. We put consultants on the ground with the client, installed the Nozomi Networks solution into various OT processes and configured remote management systems. The joint solution incorporated all of the use cases into the competitor’s management system to be monitored from the IBM SOC. We were able to fill the customer’s technology gaps without disrupting operations.
What drove you to incorporate Nozomi Networks solutions into the offering?
IBM and Nozomi Networks have a well-established relationship going back almost five years now. It began when a former IBM’er moved over to Nozomi Networks and immediately saw an opportunity to pair their offerings with IBM services. This launched a deep partnership with each party working to skill the other up. At the time, both companies were in the early stages of cyberprotection deployment in OT, and the personal relationships made it easy to grow together.
Nozomi Networks was identified as a leader in the OT space and proved to be a valuable partner right away, helping with every aspect of POCs and standardized solution design.
Now, five years later, the partnership is bearing fruit for our clients. In partnership with Nozomi Networks, IBM Security has moved several clients past the POC phase and into production with the XFTM for OT offering, as an extension of their current IT service posture.
Nozomi Networks has also helped IBM Security with design and transition work. In return IBM feeds emerging client requirements into the Nozomi Networks roadmap process to assist with future product releases.
The Bottom Line for Critical Infrastructure and Industrial Organizations
In an environment where building in-house cybersecurity expertise isn’t viable, the collaboration between our companies offers a way forward.
To find out more about the benefits of using IBM Security’s managed service offering with Nozomi Networks cybersecurity OT solutions:
- Visit www.ibm.com/security/operational-technology.
- Learn more by reading the IBM Security Intelligence blog, and following @IBMSecurity on Twitter.