As cyber threats become more complex, industrial control systems (ICS) are even more vulnerable to attack. To that end, plant floor security can’t be handled the same way as it is in the enterprise where all the IT department may need is a firewall, virus detection software and network monitoring applications. The systems on the manufacturing floor need all of that—and more—because protecting ICSs requires multiple layers of security to keep the environment in a safe state.
With that in mind, two cybersecurity technology vendors are teaming up to provide industrial businesses with a joint offering that unites threat detection software with hardware-enforced network protection.
This week, Waterfall Security Solutions, a maker of a unidirectional security gateway, and FireEye, a provider of the Threat Analytics Platform (TAP), entered into a global partnership to deliver a multipronged approach to secure industrial networks.
This joint offering enables customers to monitor their ICS networks using FireEye’s cloud-based Helix service, a detection and response platform that simplifies, integrates and automates security operations. They can then safeguard the network using Waterfall’s Unidirectional CloudConnect for reliable and secure IT/OT integration.
Here’s how it works:
FireEye’s TAP aggregates log and event data from multiple sources and applies intelligence against that data to drive actionable alerts. Event data is compressed, encrypted and sent to the cloud for centralized log retention, real-time threat analysis and incident investigation. TAP can prioritize actions based on risk and can identify the highest priority focus areas for an incident responder to help organizations accelerate their detection and response cycles.
CloudConnect also gathers data, specifically from industrial sources such as historians, OPC servers, devices and the ICS. It then converts that data into a unified cloud-friendly format, such as XML files, relational databases, publish/subscribe protocols or SOAP web services. CloudConnect is based on Waterfall’s Unidirectional Gateway technology that allows information to be sent out of the ICS network for data sharing with the enterprise, but it is physically incapable of receiving data back into the ICS network.
Working together, TAP and CloudConnect integrate industrial networks with threat detection applications without the risk of allowing bad actors into the environment.
Ironically, there is a cloud-based aspect to the cybersecurity offering. Industrial businesses that previously refrained from using any cloud or Industrial Internet of Things (IIoT) services due to security concerns, can be confident that their ICS networks are safe from external cyber risks.
“This new partnership is an important step towards improved security for industrial sites,” said Lior Frenkel, CEO and co-founder of Waterfall Security Solutions. “An increasingly complex industrial threat landscape demands increasingly sophisticated security solutions.”