Meeting U.S. Government Cybersecurity Guidelines for Pipelines
Selecting an ICS Monitoring Solution that Meets/Exceeds
Escalating attacks on critical infrastructure have spurred the U.S. government to take numerous actions to accelerate improvements in cyber resiliency.
This includes an initiative to improve the ICS cybersecurity of pipelines. To that end, a set of 17 considerations for evaluating ICS/OT monitoring technology was created. While initially developed for electric utilities, the considerations are also being recommended to pipeline asset owners.
The Nozomi Networks solutionhelps you meet and exceed government guidelines for ICS/OT monitoring technology.
Build a Secure Future Using the Solution Preferred by Energy Organizations
Energy and utilities companies give Nozomi Networks the top score for operational technology security, as demonstrated in Gartner Peer Insights customer reviews. They acknowledge our:
- Comprehensive OT and IoT visibility
- Advanced threat detection
- Accurate anomaly alerts
- Proven scalability
- Easy IT/OT integration
- Global partner ecosystem
- Exceptional customer engagement and support
Learn how we’re helping organizations like yours –simply click on the links to the right.
Meeting and Exceeding
the 17 U.S. Government Considerations
According to its guidance, the U.S. government does not select, endorse or recommend any specific technology or provider as part of their initiative. Instead, each entity must assess and select the technology or provider that’s best for it.
“The highest priority for the Industrial Control Systems (ICS) Cybersecurity Initiative is for owners and operators to enhance their detection, mitigation, and forensic capabilities.”
With that in mind, the table below lists each of the 17 considerations and describes how the Nozomi Networks solution addresses each of them.
Built for ICS: Continuous Cybersecurity Network Monitoring
Nozomi Networks Solution
Technologies built for ICS networks with integration compatibility with ICS protocols and communications.
“Nozomi Networks has superior ICS protocol support and asset visibility in their products. Nozomi is a good fit for electric utilities, oil and gas, and manufacturing companies worldwide.”
Technologies that provide sensor-based continuous network cybersecurity monitoring, detection, and facilitate response capabilities for ICS/OT (i.e., the technology is ICS-focused and already understands ICS communications, such as deep packet inspection capabilities for ICS protocols).
- Provides “always on” continuous monitoring of OT, IoT and IT protocols for assets from all vendors
Analyzes network communications using protocol-specific Deep Packet Inspection (DPI) for dozens of industrial protocols
Detects cybersecurity and process reliability threats
Accelerates incident response with actionable intelligence and time-saving response tools
Insight and Information Sharing
Nozomi Networks Solution
Technology software that has a collective-defense capability/framework to allow the sharing of insights and detections rapidly with the Federal government, participants, and trusted organizations such as relevant information sharing and analysis centers (ISACs)/information sharing and analysis organizations (ISAOs). Data and insights collected must be sharable across the Federal government, to the greatest extent possible, and should be compatible with other sector sensing partnerships.
- Provides highly accurate ICS attack, vulnerability, and anomaly data, the foundation for information sharing
- Integrates out-of-the-box with SIEM/SOAR, threat sharing platforms, and other products for rapid information-sharing across the organization and beyond
- Shares data more broadly via reporting and exporting capabilities, as well as through an Open API
- Receives continuously updated Threat Intelligence and Asset Intelligence, reducing the Mean-Time-to-Detect (MTTD) and the Mean-Time-to-Respond (MTTR)
The Nozomi Networks Solution Supports the MITRE ATT&CK for ICS and Enterprise Frameworks
The Nozomi Networks solution associates malicious activity with techniques in the MITRE ATT&CK for ICS and Enterprise frameworks.
For example, a request to stop a process using the well-known TRITON malware generates an “OT Device Stop Request” alert.
This information helps analysts understand the behavior and improves response time.
For more details, read Enhancing Threat Intelligence with the MITRE ATT&CK Framework.
U.S. Government Cybersecurity Considerations for Pipelines
The Nozomi Networks solution helps you meet and exceed the 17 government cybersecurity recommendations.
Start building a secure future today, using the solution preferred by the midstream oil & gas industry.