Blog

 

Advancing ICS Cybersecurity for Low-Impact Electricity Carriers

Advancing ICS Cybersecurity for Low-Impact Electricity Carriers

Cybersecurity threats to the power grid are a continuous danger nowadays, and because of this, regulation in North America may expand from covering bulk electricity carriers to low-impact carriers. Last month FERC, the U.S. Federal Energy Regulatory Commission, proposed a new rule for low-impact carriers, covering transient electronic devices such as USBs and laptops, and incident response policies.
While the regulation is still in the review stage, some low-impact utilities are not waiting to improve their cybersecurity posture and get a head start on compliance. They are taking advantage of the latest innovation for cyber threat monitoring and detection systems. Vermont Electric Coop is one such entity, and they have realized multiple benefits from their proactive approach.

read more
Bad Rabbit Highlights Employees’ Role in Cybersecurity Attacks

Bad Rabbit Highlights Employees’ Role in Cybersecurity Attacks

Recently reports of a new ransomware malware known as Bad Rabbit was making headlines in the press. A suspected variant of NotPetya, Bad Rabbit spread quickly through IT networks in Europe and elsewhere.
Our research indicates that while Bad Rabbit infections started to be reported in late October, the group behind the attacks started creating an “infection-network” in July. While not reported as impacting industrial systems, industrial operators should take note of this attack and what it means for their cyber resiliency programs.

read more
Nozomi Networks Integrates with Palo Alto Networks Next-Generation Firewall

Nozomi Networks Integrates with Palo Alto Networks Next-Generation Firewall

Without comprehensive, real-time visibility of industrial control system (ICS) networks, devices and process status, protecting control networks from cyberattacks and avoiding operational disruptions is a serious challenge. Over the last half-decade, Nozomi Networks has built a successful reputation providing a solution to this very problem by offering a non-intrusive, real-time monitoring and threat detection solutionbuilt for ICS.

Now, Nozomi Networks has extended the utility and reach of Nozomi Networks SCADAguardian through an integration with the Palo Alto Networks Next-Generation Firewall (NGFW). Find out why Nozomi Networks chose to integrate with this leading firewall and how the companies’ offerings work in tandem to help bridge the IT/OT gap.

read more
New Release Introduces Hybrid ICS Threat Detection – and more

New Release Introduces Hybrid ICS Threat Detection – and more

Amid rising threats to industrial control systems, it’s good to see more and more operators realizing there is new technology available that can significantly help them with the challenge of ICS cybersecurity. Companies are moving beyond relying on network segmentation, industrial firewalls and SIEMs and want to monitor and analyze their network traffic in real-time so they can immediately act to defend security and reliability.

Our passive ICS cybersecurity and visibility solution addresses that goal, and today I am glad to let you know that we are advancing our offering with our second major product release of 2017. It further enhances our strength in ICS threat detection and addresses the needs of large customers for easy IT/OT integration. Let’s look at the key capabilities in release 17.5.

read more
Nozomi Networks Selected by FireEye for ICS Depth & Technical Excellence

Nozomi Networks Selected by FireEye for ICS Depth & Technical Excellence

Malware attacks like WannaCry, Dragonfly 2 and Industroyer have brought industrial cyber threats to the attention of corporate boards and governments around the world. As a result, CISOs and those responsible for critical infrastructure are demanding real, enterprise-grade OT security solutions. Many are reaching out to trusted partners in IT security, looking for help in securing their industrial control networks.

This is the driver behind our new partnership with FireEye. FireEye’s customers include more than 40% of the Forbes Global 2000 and they depend on FireEye to eliminate the complexity and burden of cybersecurity for them.

To help extend its ICS cybersecurity offerings, FireEye recently thoroughly analyzed the market for ICS network security monitoring solutions. We’re happy to announce today that our solution has been selected by FireEye to provide cybersecurity visibility and threat detection for industrial control systems. Find out why our technical excellence and ICS expertise stands out from the crowd.

read more
Advance IT / ICS Cybersecurity with Nozomi Networks and Fortinet

Advance IT / ICS Cybersecurity with Nozomi Networks and Fortinet

In the future, an organization’s cybersecurity strategy will largely be defined by how well both OT and IT networks can integrate to bring improved vigilance, visibility and protection. In today’s connected world this is more important than ever.

Recently, Nozomi Networks had the privilege of speaking at the 2017 Fortinet 361 event in Vienna, Austria, where IT / OT cyber resilience was a hot topic. I was pleased to discover that many attendees were interested in Fortinet’s commitment to OT (Operations Technology) and ICS (Industrial Control Systems) cybersecurity. They were also eager to learn how Nozomi Networks is helping Fortinet extend their security offering into the industrial realm with our technology.

If you’re interested in improving IT / ICS cybersecurity, read on to find out more about the synergetic partnership between Fortinet and Nozomi Networks, and how our products provide the critical ICS cybersecurity thread for Fortinet Security Fabric.

read more
The Big Picture: Secure Critical Infrastructure with Cooperation & Automation

The Big Picture: Secure Critical Infrastructure with Cooperation & Automation

When dealing with the difficulties of securing critical infrastructure, it’s sometimes good to take a step back from day-to-day challenges and take a macro view; look at the big picture.

Fortinet’s CISO Phil Quade did just that recently. He indicates that while the news media focuses attention on high profile malware and ransomware attacks, like WannaCry, the bigger threat to critical infrastructure comes from “low and slow” attacks that are hard to detect. And, since a lot of critical infrastructure is owned and operated by the private sector, securing it takes real cooperation between industry and government.

Phil also states that we are on the verge of a security revolution that includes using automation strategies to find and respond to incremental cyber intrusions. Automation is what underpins the Fortinet / Nozomi Networks partnership. Read on to learn more about Phil’s perspective and how our combined solution secures critical infrastructure.

read more
2017 SANS Survey – Three Ways ICS Security is Improving

2017 SANS Survey – Three Ways ICS Security is Improving

How does your ICS cybersecurity budget compare to those of other organizations? How well are you doing, relatively speaking, in terms of detecting security breaches? And, where does your company stand in terms of managing OT/IT convergence?

If you would like the answers to these questions, the good news is that the SANS Institute has a report for you.

Let’s look at the three areas mentioned above, and find out where they stand in 2017, according to dozens of industrial organizations.

read more
Improving ICS Cybersecurity for Pipeline Systems

Improving ICS Cybersecurity for Pipeline Systems

In the last decade market and cost pressures have driven significant technological advances in automation and industrial connectivity across all aspects of petroleum extraction, pipeline transport and refining. While technological advances are delivering business benefits, systems are now exposed to more cyber risks than ever before.

Yet, according to a 2017 survey by the Ponemon Institute, the deployment of cybersecurity measures in the oil and gas industry isn’t keeping pace with the growth of digitalization in operations.

One way to overcome the ICS cybersecurity gap is to utilize next generation technology that leverages machine learning and artificial intelligence (AI) to deal with system complexity and deliver immediate benefits. Let’s take a look at two examples of how a passive ICS anomaly detection and monitoring solution secures pipeline networks.

read more
Securing Substations and Power Grids with ICS Anomaly Detection

Securing Substations and Power Grids with ICS Anomaly Detection

One of the findings of the recent SANS report “Securing Industrial Control Systems – 2017” is that the number one technology industrial organizations are looking to implement over the next 18 months is intrusion detection.

Up until recently, detecting anomalies on ICS networks that might be caused by a cyberattack has been ”mission impossible.” That’s because such networks typically include equipment from a wide assortment of vendors, run thousands of real-time processes and generate huge volumes of data. Analyzing and monitoring this data to detect anomalies was very difficult.

The good news is that a new generation of ICS cybersecurity tool is available for industrial intrusion detection. This article describes how our product, SCADAguardian does it, and gives an example of how it would detect and counter a cyberattack on a regional control center of an electric power utility.

read more