Most cybersecurity/hardware supplier relationships come to market based on the hardware provider’s selection of a particular cybersecurity software to feature on its product. Providing a bit of a twist on this process is the relationship between Dragos Inc., developer of the Dragos ICS (industrial control system) threat detection and response platform, and Schweitzer Engineering Laboratories (SEL), a supplier of controls, network automation, industrial computer, sensor and power management technologies.
In this partnership, Dragos selected SEL to be the vendor of Dragos’ hardened cybersecurity sensors for industrial use. According to Dragos, these sensors can be used in a variety of industrial environments to detect ICS threats while withstanding harsh temperature, shock, vibration, humidity or electric noise conditions. The Dragos technology will be delivered as part of the SEL-3355 rack-mount computer.
The SEL-3355 computer has no moving parts, such as rotating hard drives and fans, and uses error-correcting code memory technology. The company says this approach to industrial computers enables its product to have more than ten times greater mean time between failures vs typical industrial computers. Multiple network ports on the SEL-3355 allow Dragos sensors to collect data from numerous sources, providing ICS data collection across various locations.
The connection between the two companies has all the typical aspects of “getting together and promoting products," said Robert M. Lee, CEO and founder of Dragos. "But we’re also doing R&D together, educating together and creating joint solutions. We’re taking the best of both worlds to create something new.” Lee noted that, prior to the SEL-3355 announcement, the companies had already worked together to pair SEL’s software defined network capability with Dragos’ analytics in its Threat Intelligence module.
Dave Whitehead, COO of SEL, said that by working together with Dragos, “We’ve locked this down so that only devices that should be talking to each other are allowed to talk to each other. And if there’s a problem we can flag traffic on the network that shouldn't be there and hand it off to Dragos.”
The Dragos platform consists of three components, said Lee:
- A network appliance that takes data from controllers, relays, system logs and historians to provide a complete picture of the industrial environment,
- Intelligence analysts at Dragos, who take their insights into ICS cybersecurity and codify it into Dragos analytics to identify problems, rather than simply highlight that a problem exists on the network, and
- A dedicated instant response team focused on industrial security who develops a step-by-step guide for each analytic to guide users in resolving the situation.
Leaders relevant to this article: