BOSTON, November 8, 2018 – CyberX, the IIoT and industrial control system (ICS) security company, today announced its industrial cybersecurity platform was used by NIST to recommend new ways of securing manufacturing industrial control systems.
Developed by NIST’s National Cybersecurity Center of Excellence (NCCoE), a newly released report shows how technologies like CyberX enable manufacturing organizations to reduce the risk of disruptive cyberattacks like NotPetya and WannaCry, enable faster incident response and shorter downtimes, and deliver real-time visibility and monitoring of ICS assets and networks.
CyberX uses agentless Network Traffic Analysis (NTA) with patented self-learning to continuously monitor ICS network traffic for anomalies without impacting performance. Alerts are forwarded to standard SIEMs for investigation by the corporate SOC. NIST specifically tested detection of zero-day threats that would not normally be detected by traditional security tools like IDS/IPS systems that rely on predefined signatures.
Examples of anomalies detected by CyberX and documented in the NIST report include:
- Unauthorized devices attached to the ICS network
- Unauthorized remote access to the ICS network
- Network scans using ICS protocols, indicating potential cyber reconnaissance activities
- Unauthorized PLC logic downloads and file transfers between ICS devices
- Communication using undefined function codes in ICS protocols, which may indicate attempts to exploit known vulnerabilities in ICS devices
The report was the product of a close collaboration between the NCCoE, CyberX, and other technology providers such as OSIsoft. It presents detailed findings and a reference architecture that organizations can use for their own environments.
Mapping to NIST Cybersecurity Framework (CSF)
The NIST report documents the use of behavioral anomaly detection (BAD) in two distinct environments: a robotics-based manufacturing system, and a process control system similar to those used in chemical and pharmaceutical manufacturing. In addition, the report maps the security characteristics of BAD to the NIST Cybersecurity Framework (CSF), a practical standard for operationalizing controls based on business objectives.
The NCCoE encourages readers to submit feedback on the draft report and will accept public comments through December 6, 2018. The NCCoE is a collaborative hub where industry organizations, government agencies, and academic institutions work together to address businesses’ most pressing cybersecurity issues. The NCCoE applies standards and best practices to develop modular, easily adaptable example cybersecurity solutions using commercially available technology.
CyberX delivers the only industrial cybersecurity platform built by blue-team military cyber-experts with nation-state expertise defending critical infrastructure. That difference is the foundation for the most widely-deployed platform for continuously reducing ICS risk and preventing costly production outages, safety failures, and environmental incidents.
Notable CyberX customers include 2 of the top 5 US energy providers; a top 5 US chemical company; a top 5 global pharmaceutical company; and national electric and gas utilities across Europe and Asia-Pacific. Strategic partners include industry leaders such as Palo Alto Networks, IBM Security, Splunk, Optiv Security, DXC Technology, and Deutsche-Telekom/T-Systems. For more information visit CyberX-Labs.com or follow @CyberX_Labs.
Media Contact for CyberX: Deb Montner, Principal, Montner Tech PR, 203-984-7861, [email protected]