Manufacturing (August 2021) - Security Incident Management using eASIS platform
Collaboration between experienced security engineers and software for security incidents management, detection and protection against threats in industrial control systems, using machine learning algorithms and artificial intelligence technologies, can lead to holistic and effective real-time treatment of sophisticated cyber-attacks against critical infrastructure and industrial facilities.
MANAGEMENT OF SECURITY INCIDENTS COMING FROM INDUSTRIAL CONTROL SYSTEMS, INFORMATION SYSTEMS & NETWORKS
by Nikitas Kladakis - Netbull CEO
The security of industrial control systems (ICS) is a growing concern, as it includes the country's critical infrastructure, factories, and many other sectors that have undergone a tremendous transformation in recent years. The industry as well as the operation of the factories have become much more efficient, mainly due to the supply of new hardware and industrial control software, worth billions that provide solutions that are designed to make production more flexible.
However, combined with increased productivity and profits, there is a rapid increase in cyber security risk as industrial control systems are now connected to the Internet. This is because the previous generation systems, which once were not connected to the Internet, are now connected to it and store data in the cloud, which in many cases means exposing industrial plants to cyber-attacks.
Cybersecurity challenges of industrial facilities.
Τhe challenges of protecting Industrial Control Systems from cyber threats continue to be high on the daily list of security teams. Despite constant monitoring, business activities are at increasing risk, mainly due to the growing number of new intrusion strategies, which are constantly evolving, improving the severity of the threats. Attacks on critical infrastructure, such as power plants, water treatment systems, oil installations and traffic control systems, can even affect national security, cause financial losses or damage the reputation of a company, organization or even a country.
A great example is the largest colonial gas pipeline in the US, which was shut down for several days after a malicious cyber-attack and attributed to the shadow criminal network DarkSide.
Holistic approach using artificial intelligence technologies to manage security incidents.
Netbull, a cyber security leader, has linked ist own Threat Management Platform – called the eASIS (based on the IBM QRadar SIEM solution) to the CLAROTY platform for threat detection and protection of industrial control systems, using machine learning algorithms and artificial intelligence technologies from IBM QRadar Advisor with Watson.
The integration of Netbull Threat Management Platform (eASIS) with Claroty Platform, allows the collection and analysis of security events, vulnerabilities and behavior patterns from industrial control systems. At the same time, their forwarding to eASIS platform achieving:
- Full visibility of all IT & OT environment resources including IoT & IIoT resources
- Unified management of security incidents from the eASIS platform for IT systems and industrial control systems
- Investigation of security incidents using artificial intelligence through IBM QRadar Advisor with Watson
- Expansion of investigation and automation flows in industrial control systems.