Meeting U.S. Government Cybersecurity Guidelines for Pipelines

CHALLENGE

Selecting an ICS Monitoring Solution that Meets/Exceeds Government Considerations

Escalating attacks on critical infrastructure have spurred the U.S. government to take numerous actions to accelerate improvements in cyber resiliency.

This includes an initiative to improve the ICS cybersecurity of pipelines. To that end, a set of 17 considerations for evaluating ICS/OT monitoring technology was created. While initially developed for electric utilities, the considerations are also being recommended to pipeline asset owners.

The Nozomi Networks solution helps you meet and exceed government guidelines for ICS/OT monitoring technology.

THE SOLUTION

Build a Secure Future Using the Solution Preferred by Energy Organizations

Energy and utilities companies give Nozomi Networks the top score for operational technology security, as demonstrated in Gartner Peer Insights customer reviews. They acknowledge our:

  • Comprehensive OT and IoT visibility
  • Advanced threat detection
  • Accurate anomaly alerts
  • Proven scalability
  • Easy IT/OT integration
  • Global partner ecosystem
  • Exceptional customer engagement and support

Learn how we’re helping organizations like yours; simply click on the links to the right.


Meeting and Exceeding the 17 U.S. Government Considerations

According to its guidance, the U.S. government does not select, endorse or recommend any specific technology or provider as part of its initiative. Instead, each entity must assess and select the technology or provider that’s best for it.

Furthermore, the agencies that developed the 17 DOE recommendations (CESER, CISA and the NSA) state:

“The highest priority for the Industrial Control Systems (ICS) Cybersecurity Initiative is for owners and operators to enhance their detection, mitigation, and forensic capabilities.”

With that in mind, the table below lists each of the 17 considerations and describes how the Nozomi Networks solution addresses each of them.

Built for ICS: Continuous Cybersecurity Network Monitoring

Government Consideration
Nozomi Networks Solution

1

Technologies built for ICS networks with integration compatibility with ICS protocols and communications.

“Nozomi Networks has superior ICS protocol support and asset visibility in their products. Nozomi is a good fit for electric utilities, oil and gas, and manufacturing companies worldwide.”

Forrester Research

2

Technologies that provide sensor-based continuous network cybersecurity monitoring, detection, and facilitate response capabilities for ICS/OT (i.e., the technology is ICS-focused and already understands ICS communications, such as deep packet inspection capabilities for ICS protocols).

  • Provides “always on” continuous monitoring of OT, IoT and IT protocols for assets from all vendors
  • Analyzes network communications using protocol-specific Deep Packet Inspection (DPI) for dozens of industrial protocols
  • Detects cybersecurity and process reliability threats
  • Accelerates incident response with actionable intelligence and time-saving response tools

Insight and Information Sharing

Government Consideration
Nozomi Networks Solution

3

Technology software that has a collective-defense capability/framework to allow the sharing of insights and detections rapidly with the Federal government, participants, and trusted organizations such as relevant information sharing and analysis centers (ISACs)/information sharing and analysis organizations (ISAOs). Data and insights collected must be sharable across the Federal government, to the greatest extent possible, and should be compatible with other sector sensing partnerships.

  • Provides highly accurate ICS attack, vulnerability, and anomaly data, the foundation for information sharing
  • Integrates out-of-the-box with SIEM/SOAR, threat sharing platforms, and other products for rapid information-sharing across the organization and beyond
  • Shares data more broadly via reporting and exporting capabilities, as well as through an Open API
  • Receives continuously updated Threat Intelligence and Asset Intelligence, reducing the Mean-Time-to-Detect (MTTD) and the Mean-Time-to-Respond (MTTR)

The Nozomi Networks Solution Supports the MITRE ATT&CK for ICS and Enterprise Frameworks

The Nozomi Networks solution associates malicious activity with techniques in the MITRE ATT&CK for ICS and Enterprise frameworks.

For example, a request to stop a process using the well-known TRITON malware generates an “OT Device Stop Request” alert.

Included in the alert is the Change Program State technique (T875), which is associated with both Execution and Impair Process Control tactics.

This information helps analysts understand the behavior and improves response time.

For more details, read Enhancing Threat Intelligence with the MITRE ATT&CK Framework.

U.S. Government Cybersecurity Considerations for Pipelines

The Nozomi Networks solution helps you meet and exceed the 17 government cybersecurity recommendations.

Start building a secure future today, using the solution preferred by the midstream oil & gas industry.
