Industrial control system (ICS) networks including SCADA systems are vulnerable to cyber threats on several fronts.
First, operational technology (OT) networks that control the critical infrastructure in industrial operations lack basic security found in enterprise IT networks, including access controls, authentication and encryption, event logs, etc., meaning that employees, contractors or hackers can make logic changes to industrial control devices and applications, which are rarely patched due to concerns over production interruptions.
Secondly, ‘air gaps’ no longer isolate and protect industrial infrastructure as OT networks are increasingly connected to enterprise IT networks, the cloud, mobile devices, and a wide variety of Internet of Things (IoT) sensors and smart devices.
Consequently, critical SCADA systems and ICS devices are now exposed to security vulnerabilities across a growing attack surface via new attack vectors.
Thirdly, while cyber attacks can move rapidly across and throughout IT and OT networks, IT security staff is not prepared or well-equipped to manage these threats.
OT networks and industrial assets are often not visible to IT security staff, and security tools designed for IT networks can’t monitor activity on proprietary, vendor-specific and largely undocumented industrial control protocols.
Under these less than ideal circumstances, fast-moving malware and cyberattacks that target OT networks, key safety systems and assets go undetected until damage is underway or done.
Last year’s NotPetya, WannaCry ransomware, and Triton, which was launched by a nation-state, are prime examples of how unprepared industrial operations are to modern cyberthreats.
Indegy, a leader in industrial cyber security and New Competitor in the 2019 ‘ASTORS’ Homeland Security Awards Program, has developed technologies that specifically address these three challenge areas and more.
(Indegy brings all of the best elements of your IT cybersecurity tools into the OT environment. When it comes to choosing a winning strategy for protecting your critical infrastructure, you can’t settle for less. Courtesy of Indegy and YouTube. Posted on Apr 10, 2019.)
Indegy Industrial Cyber Security Suite
The Indegy Industrial Cybersecurity Suite is powered by patented technology that arms both IT security and operations teams with full visibility, security and control of ICS activity and threats.
The Indegy Suite combines hybrid, policy-based monitoring and network anomaly detection with unique device integrity checks to provide real-time situational awareness and visibility into ICS networks, along with behavioral anomaly detection with policy based rules for comprehensive threat detection and mitigation, and unique visibility into asset inventory.
Indegy also completely interoperates with common IT security products such as industry leading NGFWs, SIEM, NAC and other products to create an ecosystem of trust that spans both IT and OT environments, many of which are in the process of converging.
Industrial Control Systems use Programmable Controllers (PLC and DCS) to manage processes, and any changes to the firmware, application logic or configuration parameters of a controller, whether caused by human error or intentionally by a hostile attacker, can result in potentially life threatening physical and environmental damage.
A recent investigative report published by the Wall Street Journal revealed that Russian agents have already hacked into the US electric grid.
(Watch this short video on the top threats to Industrial Control Networks, produced by Indegy. Courtesy of Indegy and YouTube.)
Indegy was just awarded patent #10,261,489 from the USPTO for proprietary software technology that is able to detect hostile attacks and misconfigurations in ICS networks using active querying.
This newly awarded patented invention is part of the Indegy Industrial Cybersecurity Suite, which is now the first product to provide both active and passive detection of threats in ICS based environments.
While most solutions can provide passive-only detection, Indegy’s unique combination of both active and passive threat detection provides complete visibility into all operational network activity, including changes made directly on control devices that elude competitive approaches.
“This patent recognizes Indegy for inventing the active detection of cyber threats to industrial control systems which accomplishes more than passive network monitoring alone and provides visibility customers cannot do without,” explains Mille Gandelsman, CTO of Indegy.
“Our unique combination of both active and passive threat detection provides complete visibility into all operational network activity, including changes made directly on control devices that elude competitive approaches.”
The Indegy Industrial Cybersecurity Suite automatically discovers all controllers on ICS networks, monitors all access and changes in real-time, and validates their integrity ensuring no unauthorized changes go undetected.
It also provides end-to-end network threat visibility across multiple sites with centralized management to enable organizations to protect their operations anywhere in the world.
The level of visibility, security and control provided by Indegy is more accurate and would take months of man hours to achieve using current approaches, which are largely manual.
The Indegy Industrial Cybersecurity Suite identifies cyber threats faster by understanding proprietary protocols and by combining active device integrity checks and behavioral anomaly detection with policy-based rules.
Unlike competitors, Indegy provides comprehensive visibility into asset inventory, even identifying dormant and off-line devices.
This is essential for quickly identifying affected assets when a vulnerability is discovered.
The Indegy Suite identifies and validates changes, whether they are made locally on a device or over the network and provides rich context for cyber threats and a comprehensive audit trail.
Highlights of the New Indegy Patent invention works as follows:
- The Indegy product requests that a controller, which controls one or more field devices in an industrial control network, report the code it is currently using.
- Indegy compares the code reported by the controller with a stored baseline version of the code.
- When a discrepancy between the code reported by the controller and the baseline version is detected, Indegy automatically issues a notification.
- Indegy also reduces the number of devices needed to achieve 100% visibility since it eliminates the need to tap into every network switch.
- Finally, Indegy works in environments that don’t even have managed switches.
The Indegy Industrial Cybersecurity Suite is purpose-built to provide real-time situational awareness and visibility into ICS networks, by combining behavioral anomaly detection with policy based rules for comprehensive threat detection and mitigation, and unique visibility into asset inventory.
Industrial facilities including critical infrastructure such as utilities, water, energy, pharmaceutical and manufacturing successfully utilize Indegy to automate operational oversight processes, identify human errors such as misconfigurations and failed maintenance, and protect against malware, cyber attacks and insider threats.
The Indegy Industrial Cybersecurity Suite can be delivered as an all-in-one turnkey appliance (VM optional) that plugs into a centrally located switch in the ICS network, for a simplified, agentless deployment model that enables lower total cost of ownership and quick implementation with zero-impact to the network and no operational disruptions.
The platform features out-of-the-box integration with third-party enterprise solutions as well as an extensive and easy-to-use RESTful API, allowing users to extend security and incident management practices across IT and OT environments.
Optional Indegy Sensors support complex multi-segment network architectures, using compact rack mount or DIN-rail mount form factors, and finally, Indegy Enterprise Management provides multi-site support for enterprise-wide visibility and control.
Indegy’s customers represent a broad range of industries worldwide, including critical infrastructures, energy, water utilities, manufacturing operations and more.
The City of Raleigh recently won the 2019 CSO50 award for its implementation of Indegy Industrial Cyber Security Suite that is protecting its OT network and industrial control systems (ICS) from cyber threats, insider attacks and human error.
With a small staff and a tight budget, the City of Raleigh uses Indegy to monitor all activity in its water and utility infrastructures, ensuring fast response to threats.
(Watch this video testimonial, in which Steve Worley, SCADA Security Manager, City of Raleigh, NC Municipal Government, discusses how Indegy’s Industrial Cyber Security Suite is helping the City of Raleigh maintain the safety and availability of water and other utilities. Courtesy of Indegy and YouTube. Posted on Apr 10, 2019.)
Nesher Cement Manufacturing, the largest cement producer in Israel with 60% market share, has been protecting its very complex SCADA environment for the last three years with the Indegy Industrial Cybersecurity Suite.
It was implemented across two sites, the cement factory and power plant, with zero interference with the industrial environment, safety, reliability and productivity.
Simple to use, the Indegy gave them OT network visibility they didn’t have before, and provides 24/7 visibility and alerting into cyber threats.
(Watch this video testimonial, in which Roy Shalev, CISO, Nesher Cement Enterprises, discusses how Indegy’s Industrial Cyber Security Suite is helping Nesher gain full visibility into its SCADA environment. Courtesy of Indegy and YouTube. Posted on Apr 10, 2019.)
The Public Utility District No. 1 of Whatcom County is using the Indegy Industrial Cybersecurity Suite to alert to any changes to industrial controllers or the OT network, which protects against both remote and local attacks, and insider threats.
Continuous packet captures and asset mapping enables them to quickly assess network incidents.
(Watch this video testimonial, in which Paul Siegmund, Manager of Automation and Technology at PUD Whatcom County, talks about how Indegy helps protect the district’s public utilities from remote and local cyber attacks. Courtesy of Indegy and YouTube. Posted on Apr 10, 2019.)
After a pharmaceuticals manufacturer with facilities in 50+ countries suffered losses, downtime and increased costs due to third party contractor errors, they implemented Indegy to track and alert on all internal and third-party maintenance work.
This lets them meet strict FDA requirements and protect ICS/SCADA systems and IP from cyber-espionage and theft.
(Learn More. At the heart of pharmaceutical manufacturing facilities lie the Industrial Control Systems (ICS), which manage and automate drug manufacturing processes. Courtesy of Indegy and YouTube. Posted on Apr 10, 2019.)
Meanwhile a Fortune 100 petroleum refinery implemented Indegy to protect ICS/SCADA networks and track maintenance actions, following an incident where unauthorized, untraceable changes to blend production systems resulted in defective batches, shutdowns and hazardous waste costs.
An automaker with 100+ manufacturing facilities in 30+ countries implemented Indegy to monitor and track production changes and controller upgrades in real-time, discover/maintain accurate OT inventory, and provide a rich audit trail for forensics.
Leading industry analysts have also cited Indegy’s leadership in the industrial cyber security market.
Indegy Competes in 2019 ‘ASTORS’ Homeland Security Awards Program
As a 2019 ‘ASTORS’ Homeland Security Awards Program Competitor, Indegy’s Industrial Cybersecurity Suite will be competing against the industry’s leading providers of Innovative ICS/SCADA Cyber Security Solutions.
Nominations are now being accepted for the 2018 ‘ASTORS’ Homeland Security Awards at https://americansecuritytoday.com/ast-awards/.
|Access Control/ Identification||Personal/Protective Equipment||Law Enforcement Counter Terrorism|
|Perimeter Barrier/ Deterrent System||Interagency Interdiction Operation||Cloud Computing/Storage Solution|
|Facial/IRIS Recognition||Body Worn Video Product||Cyber Security|
|Video Surveillance/VMS||Mobile Technology||Anti-Malware|
|Audio Analytics||Disaster Preparedness||ID Management|
|Thermal/Infrared Camera||Mass Notification System||Fire & Safety|
|Metal/Weapon Detection||Rescue Operations||Critical Infrastructure|
|License Plate Recognition||Detection Products||And Many Others!|
Don’t see a Direct Hit for your Product, Agency or Organization?
Submit your category recommendation for consideration to Michael Madsen, AST Publisher at: email@example.com.
Good luck to Indegy on becoming a Winner of the 2019 American Security Today’s Homeland Security Awards Program!
The Annual ‘ASTORS’ Awards Program is specifically designed to honor distinguished government and vendor solutions that deliver enhanced value, benefit and intelligence to end users in a variety of government, homeland security and public safety vertical markets.
Over 130 distinguished guests representing National, State and Local Governments, and Industry Leading Corporate Firms, gathered from across North America, Europe and the Middle East to be honored among their peers in their respective fields which included:
- The Department of Homeland Security
- The Federal Protective Service (FPS)
- Argonne National Laboratory
- The Department of Homeland Security
- The Department of Justice
- The Security Exchange Commission Office of Personnel Management
- U.S. Customs and Border Protection
- Viasat, Hanwha Techwin, Lenel, Konica Minolta Business Solutions, Verint, Canon U.S.A., BriefCam, Pivot3, Milestone Systems, Allied Universal, Ameristar Perimeter Security and More!
The Annual ‘ASTORS’ Awards is the preeminent U.S. Homeland Security Awards Program highlighting the most cutting-edge and forward-thinking security solutions coming onto the market today, to ensure our readers have the information they need to stay ahead of the competition, and keep our Nation safe – one facility, street, and city at a time.
The 2018 ‘ASTORS’ Homeland Security Awards Program was Proudly Sponsored by ATI Systems, Attivo Networks, Automatic Systems, Desktop Alert, and Royal Holdings Technologies.
Nominations are now being accepted for the 2019 ‘ASTORS’ Homeland SecurityAwards at https://americansecuritytoday.com/ast-awards/.
2018 Champions Edition
See the 2018 ‘ASTORS’ Champions Edition – ‘Best Products of 2018 ‘ Year in Review’ for in-depth coverage of the outstanding products and services of firms receiving American Security Today’s 2018‘ASTORS’ Homeland Security Awards.’