Blog

 

Advance IT / ICS Cybersecurity with Nozomi Networks and Fortinet

Advance IT / ICS Cybersecurity with Nozomi Networks and Fortinet

In the future, an organization’s cybersecurity strategy will largely be defined by how well both OT and IT networks can integrate to bring improved vigilance, visibility and protection. In today’s connected world this is more important than ever.

Recently, Nozomi Networks had the privilege of speaking at the 2017 Fortinet 361 event in Vienna, Austria, where IT / OT cyber resilience was a hot topic. I was pleased to discover that many attendees were interested in Fortinet’s commitment to OT (Operations Technology) and ICS (Industrial Control Systems) cybersecurity. They were also eager to learn how Nozomi Networks is helping Fortinet extend their security offering into the industrial realm with our technology.

If you’re interested in improving IT / ICS cybersecurity, read on to find out more about the synergetic partnership between Fortinet and Nozomi Networks, and how our products provide the critical ICS cybersecurity thread for Fortinet Security Fabric.

read more
The Big Picture: Secure Critical Infrastructure with Cooperation & Automation

The Big Picture: Secure Critical Infrastructure with Cooperation & Automation

When dealing with the difficulties of securing critical infrastructure, it’s sometimes good to take a step back from day-to-day challenges and take a macro view; look at the big picture.

Fortinet’s CISO Phil Quade did just that recently. He indicates that while the news media focuses attention on high profile malware and ransomware attacks, like WannaCry, the bigger threat to critical infrastructure comes from “low and slow” attacks that are hard to detect. And, since a lot of critical infrastructure is owned and operated by the private sector, securing it takes real cooperation between industry and government.

Phil also states that we are on the verge of a security revolution that includes using automation strategies to find and respond to incremental cyber intrusions. Automation is what underpins the Fortinet / Nozomi Networks partnership. Read on to learn more about Phil’s perspective and how our combined solution secures critical infrastructure.

read more
2017 SANS Survey – Three Ways ICS Security is Improving

2017 SANS Survey – Three Ways ICS Security is Improving

How does your ICS cybersecurity budget compare to those of other organizations? How well are you doing, relatively speaking, in terms of detecting security breaches? And, where does your company stand in terms of managing OT/IT convergence?

If you would like the answers to these questions, the good news is that the SANS Institute has a report for you.

Let’s look at the three areas mentioned above, and find out where they stand in 2017, according to dozens of industrial organizations.

read more
Improving ICS Cybersecurity for Pipeline Systems

Improving ICS Cybersecurity for Pipeline Systems

In the last decade market and cost pressures have driven significant technological advances in automation and industrial connectivity across all aspects of petroleum extraction, pipeline transport and refining. While technological advances are delivering business benefits, systems are now exposed to more cyber risks than ever before.

Yet, according to a 2017 survey by the Ponemon Institute, the deployment of cybersecurity measures in the oil and gas industry isn’t keeping pace with the growth of digitalization in operations.

One way to overcome the ICS cybersecurity gap is to utilize next generation technology that leverages machine learning and artificial intelligence (AI) to deal with system complexity and deliver immediate benefits. Let’s take a look at two examples of how a passive ICS anomaly detection and monitoring solution secures pipeline networks.

read more
Securing Substations and Power Grids with ICS Anomaly Detection

Securing Substations and Power Grids with ICS Anomaly Detection

One of the findings of the recent SANS report “Securing Industrial Control Systems – 2017” is that the number one technology industrial organizations are looking to implement over the next 18 months is intrusion detection.

Up until recently, detecting anomalies on ICS networks that might be caused by a cyberattack has been ”mission impossible.” That’s because such networks typically include equipment from a wide assortment of vendors, run thousands of real-time processes and generate huge volumes of data. Analyzing and monitoring this data to detect anomalies was very difficult.

The good news is that a new generation of ICS cybersecurity tool is available for industrial intrusion detection. This article describes how our product, SCADAguardian does it, and gives an example of how it would detect and counter a cyberattack on a regional control center of an electric power utility.

read more
SANS ICS Survey – How SCADAguardian Tackles the Top Threats

SANS ICS Survey – How SCADAguardian Tackles the Top Threats

The SANS Institute recently surveyed hundreds of ICS practitioners and cybersecurity stakeholders on the topic of industrial cybersecurity. The results provide a valuable source of information for organizations seeking to understand the state of ICS security or to benchmark their organization against others.

Amongst the findings are a ranking of top threat vectors. Read on to learn what global leaders in critical infrastructure are most concerned about, and how Nozomi Networks’ SCADAguardian defends and mitigates against the top threats.

read more
Defending Against Industroyer with ICS Anomaly Detection

Defending Against Industroyer with ICS Anomaly Detection

Industroyer / CrashOverride have been at the top of the industrial security news lately. And rightly so. Not since Stuxnet has the world seen an advanced malware that was designed and deployed to disrupt physical infrastructure, notably power grids. Industroyer is believed to have been used in attacks on Ukraine that took place in on December 17, 2016 that shut down electrical power to a large area of its capital city, Kiev.

Industroyer is an advanced threat of high concern. Nozomi Network’s experts and researchers have dissected how it works to formulate specific steps to protect, detect, and defend against it. and one that uses normal protocol commands to build its attack. Fortunately, advanced ICS intrusion detection is available that would both identify the malware’s presence and help protect against its impacts.

read more
Nozomi Networks – A Gartner Cool Vendor That’s Getting Hot

Nozomi Networks – A Gartner Cool Vendor That’s Getting Hot

Until now Industrial Control System (ICS) Cybersecurity wasn’t the coolest area of cybersecurity, but Gartner is changing that with its recognition of Nozomi Networks as a 2017 Cool Vendor. Last week, we were honored to learn that Nozomi Networks is a 2017 Gartner Cool Vendor. We are excited that our innovation and its positive impact on ICS cybersecurity will now be brought to the attention of more companies around the world.

I am also very pleased to share the news that the company has seen better than expected customer growth, has made two senior strategic hires, and has recently won a number of industry accolades. Read on to find out more about the momentum being generated by the Nozomi Networks’ team and its advanced OT security technology…

read more
WannaCry: A Wake-up Call to Revisit ICS Cybersecurity Measures

WannaCry: A Wake-up Call to Revisit ICS Cybersecurity Measures

Updated May 19, 2017
The WannaCry ransomware malware broke onto the world scene on Friday May 12, 2017 when it infected over 200,000 computers in more than 150 countries. Thankfully, the impact on manufacturing systems and critical infrastructure was relatively low. However, while WannaCry’s spread has been curtailed for now, new variants have been reported.

Immediate actions are to determine whether your systems are vulnerable by identifying computers and devices running Windows operating systems not updated with the latest security patches or communicating with the SMB1 protocol. If these situations exist, you need to execute a plan to mitigate and protect against these security weaknesses.

While we can take a deep breath that WannaCry did not shut down essential services such as power systems and water systems, the malware is certainly a very loud wake-up call Let’s look at what can be done immediately, and over time, to prevent and mitigate ransomware infections to industrial systems.

read more
U.S. Executive Order on Cybersecurity – What You Need to Know

U.S. Executive Order on Cybersecurity – What You Need to Know

Critical infrastructure cybersecurity is in the spotlight thanks to the new Presidential Executive Order on Cybersecurity. No matter your politics, most would agree that it’s good to see the U.S. government elevating the urgency for critical infrastructure cyber resiliency improvement.

Section 2 of the order calls out the need to improve cyber risk management efforts. If you work for an electric utility or other critical infrastructure operator you should be aware that recent advances in technology can greatly help in this area, and do so in a way that is simple and safe to implement.

read more