New Interoperability Enables Critical and Industrial Infrastructure Organizations to Unify IT/OT Security Governance Via a Single Platform
BOSTON, Mass., June 27, 2018 – CyberX, the IIoT and industrial control system (ICS) security company, today announced that RSA has certified CyberX’s enterprise-class platform as interoperable with the RSA NetWitness® Platform.
The new interoperability enables CISOs to rapidly address OT security while leveraging existing investments in incident response workflows and orchestration, trained personnel, and RSA NetWitness technology. Additionally, it supports implementation of a unified IT/OT security governance strategy.
According to Wam Voster, Gartner Research Director, “Organizations with both IT and OT struggle with the coexistence of two separate security and risk management functions. This leads to a dispersed view on the overall operational risk the organization is facing. In a continuously evolving threat landscape, a single established security and risk management function is better-positioned to address these threats across both IT and OT. A single leader of this function can also be held accountable for the organization’s overall digital risk. As an added benefit, scarce security resources can now be deployed to address both IT and OT.” 1
Industrial and critical infrastructure organizations are increasingly concerned about OT threats that can lead to costly production downtime, catastrophic safety failures, environmental damage, and theft of corporate IP. CyberX mitigates ICS/SCADA risk with proprietary, ICS-aware self-learning engines that deliver immediate insights about ICS assets, vulnerabilities, and threats — in less than an hour — without relying on rules or signatures, specialized skills, or prior knowledge of the environment.
“OT security is now a board-level issue, given the unprecedented level of ICS threats from nation-states, cybercriminals, hacktivists, and malicious or careless insiders,” said Matthew Chase, Senior Manager of Technical Alliances for RSA NetWitness Platform. “The new interoperability enables our joint customers to accelerate ICS detection and response by gaining access from their existing RSA NetWitness consoles to CyberX’s continuous, real-time visibility into ICS-specific protocols, devices, and threats, leveraging full-fidelity packet data.”
In particular, the new interoperability between CyberX and RSA NetWitness Platform enables organizations to:
- Identify new or unauthorized devices on their ICS networks.
- Rapidly detect malicious traffic from IT and OT malware such as NotPetya and TRITON.
- Respond to anomalous activity such as communication between devices that have never previously communicated with each other, malformed ICS packets, and unexpected traffic for standard ICS ports.
- View alerts on suspicious or risky behaviors such as the use of plain-text passwords, PLC programming changes, or unauthorized remote access by employees or third-party maintenance vendors.
- Address operational issues that can cause production downtime such as unresponsive devices and failed service requests.
“RSA has a long history of helping organizations reduce risk via business-driven security,” said Buck Watia, VP of Alliances & Business Development at CyberX. “As threats continue to evolve and increasingly target our critical industrial infrastructure, we’re partnering to help our customers better protect their ICS assets as part of their converged IT & OT security strategy. We’re honored to be working with RSA to protect the global critical infrastructure upon which we all depend every day. This is just the first step in our integration with RSA’s comprehensive portfolio for threat detection and risk governance.”
Users of the CyberX platform and RSA NetWitness can find more information including detailed installation guides at https://community.rsa.com/docs/DOC-85895.
Founded by military cyber-experts with nation-state expertise defending critical infrastructure, CyberX provides the most widely-deployed platform for continuously reducing ICS and IIoT risk.
CyberX is a member of the Palo Alto Networks Application Framework developer community and the IBM Security App Exchange Community, and has partnered with premier MSSPs and solution providers worldwide including Optiv Security, DXC Technology, and Deutsche-Telekom/T-Systems. For more information, visit CyberX-Labs.com.
 Gartner, “How to Organize Security and Risk Management in a Converged IT/OT Environment,” by Wam Voster, 4 August 2017.