Modeling, access simulation and vulnerability analysis capabilities bring enhanced visibility to SCADA and ICS networks to maintain uptime and avoid disruption
Skybox Security, source in security analytics, recently announced its integration with the CyberX industrial internet security platform. Through the integration, Skybox will power complete visibility across industrial control systems (ICS), supervisory control and data acquisition (SCADA) and IT networks. Benefits include:
- Enhanced visibility of the attack surface in critical infrastructure deployments
- End-to-end access analysis from any source and to any destination – even between hybrid IT and operational technology (OT) environments
- Vulnerability exposure analysis in the context of existing security controls and known risks
- Increased uptime and reduced disruptions due to security improvements
Cyberattacks on systems managed by ICS networks can have a catastrophic impact on safety, economies and critical services, which makes them a notorious and potentially lucrative target.
“From a technology perspective, these networks are especially attractive, which is why we’re seeing more attackers target them”, said Skybox VP of Products Ravid Circus.
“The standard defences IT networks rely on — next-generation firewalls, packet inspectors, intrusion prevention systems — don’t translate to these environments. Combined with their legacy technology, out-of-the-box settings and lackluster patching, this is a huge area for cyber risk.”
The CyberXXSense platform models OT networks as a state machine. XSense uses continuous monitoring, real-time data collection and machine learning to detect unfamiliar activity to protect against cyberattacks and operational malfunction or tampering.
Integration with the Skybox Security Suite pulls data from the XSense platform into a visual, interactive model of the attack surface. The model combines ICS and SCADA network data with information from a variety of sources including the Skybox Vulnerability Database, threat intelligence feeds, security analysts, SIEMs and more. This provides comprehensive visibility and contextual intelligence for more accurate prioritization of cyber risks not just in the IT network, but across the entire organization.
“As the Industrial Internet and IT networks grow, the line between the two is disappearing fast, and attackers know it”, said CyberX CTO and Co-Founder Nir Giller. “With Skybox, we’re helping customers in industries such as energy, manufacturing, and oil and gas to ensure their security also bridges that gap. You need to be able to consolidate all of your connected assets and understand how the interrelationships impact risk. This integration makes that possible – and actually pretty easy.”