CyberX ICS Threat Monitoring App part of collaborative development to stay ahead of evolving threats; enables unified approach to IT and OT security in the corporate SOC
Boston, MA – January 10, 2018 – CyberX, the OT cybersecurity company safeguarding critical industrial infrastructures worldwide, today launched the CyberX ICS Threat Monitoring App for QRadar, which leverages IBM security intelligence technology to enable a unified approach to IT and Operational Technology (OT) security in the corporate SOC.
In the wake of sophisticated industrial threats such as WannaCry/NotPetya, Industroyer/CrashOverride, and TRITON, industrial cybersecurity is a critical priority. Tightly integrating CyberX’s purpose-built OT security platform with IBM QRadar enables organizations to respond more quickly, allowing CISOs to strengthen OT security while building upon the significant investments they’ve already made in people, workflows, and technology for the corporate SOC. In particular, the new app provides SOC analysts with deeper visibility into the specialized OT protocols and IIoT devices deployed in industrial control system (ICS) environments, along with ICS-specific behavioral analytics to rapidly detect suspicious or anomalous behavior.
The new application is freely available to the security community through IBM Security App Exchange, a marketplace where developers across the industry can share applications based on IBM Security technologies. As threats are evolving faster than ever, collaborative development amongst the security community will help organizations adapt quickly and speed innovation in the fight against diverse adversaries including nation-states, cybercriminal organizations, hacktivists, and privileged insiders.
The CyberX ICS Threat Monitoring App leverages IBM QRadar, IBM’s security intelligence platform, which analyzes data across an organization’s infrastructure in real time to identify potential security threats. Leveraging QRadar’s open API, the app allows CyberX and IBM customers to reduce the risk of targeted attacks and malware that can cause costly production outages, catastrophic safety and environmental failures, and theft of corporate IP.
“Industrial cybersecurity is now a board-level priority for Global 2000 enterprises,” said Nir Giller, CTO and co-founder of CyberX. “As the first ICS threat monitoring app developed for QRadar, CyberX’s new app provides our joint customers with improved visibility to address OT risk plus an essential building block for removing silos between IT and OT security teams. CISOs are telling us that it’s significantly more practical and effective to combine IT and OT incident response in their existing SOCs — especially since IT and OT networks are also converging to support new IIoT initiatives such as smart machines and real-time intelligence about production operations.”
Developed by military cyber experts with nation-state expertise defending critical infrastructure, the CyberX platform delivers continuous ICS threat monitoring and asset discovery. It combines an embedded understanding of industrial devices, protocols, and applications with ICS-specific anomaly detection based on proprietary self-learning algorithms, as well as ICS-specific threat intelligence, risk and vulnerability assessments, and automated threat modeling. The platform enables organizations to reduce OT risk by addressing all 4 requirements of Gartner’s Adaptive Security Architecture, including Detect, Respond, Predict, and Prevent.
Key use cases for the CyberX ICS Threat Monitoring App for QRadar include:
- Unified timeline view of all real-time ICS alerts, filtered according to five different analytics engines: cyber anomalies, known malware, protocol violations, operational anomalies, and policy violations.
- Granular integration of alerts with QRadar. Users can choose which alerts appear in QRadar based on severity level, analytics engine, and protocol type (MODBUS, GE SRTP, Siemens S7, etc.).
- Correlation of CyberX alerts with other QRadar intelligence sources, including analytics and logs collected from IT and OT systems, firewalls, and other devices.
QRadar screen shot showing the depth of ICS threat information obtained from the CyberX platform, and how it appears to SOC analysts with CyberX’s new ICS Threat Monitoring App for QRadar.
About CyberX (Twitter: @CyberX_Labs)
CyberX provides the most widely deployed industrial cybersecurity platform for continuously reducing ICS risk. Supporting all OT vendors and seamlessly integrating with existing IT security tools, CyberX’s platform combines a deep understanding of industrial protocols, devices, and applications with ICS-specific asset discovery, continuous real-time monitoring and incident forensics, risk and vulnerability management, and threat intelligence.
With a long history of innovation, CyberX recently published the first-ever “Global ICS & IIoT Risk Report,” a DBIR-like analysis of real-world vulnerabilities found in 375 production ICS networks worldwide. Additionally, CyberX is the only OT security firm selected for the SINET Innovator Award sponsored by the US DHS and DoD; the only one recognized by the International Society of Automation (ISA); and the only one selected by the government-backed Israeli national consortium providing critical infrastructure protection for the Tokyo 2020 Olympics. For more information visit CyberX-Labs.com.
About IBM Security
IBM’s security platform provides the security intelligence to help organizations holistically protect their people, data, applications and infrastructure. IBM offers solutions for identity and access management, security information and event management, database security, application development, risk management, endpoint management, next-generation intrusion protection and more. IBM operates one of the world’s broadest security research and development, and delivery organizations. For more information, please visit www.ibm.com/security, follow @IBMSecurity on Twitter or visit the IBM Security Intelligence blog.
Deb Montner, Principal
Montner Tech PR