The manufacturing sector is rife with unprotected Internet of Things (IoT) sensors and gadgets, lots of them built-in into enterprises’ mission-critical programs. The ensuing gaps make operations expertise (OT) and knowledge expertise (IT) networks susceptible to devastating cyberattacks.
Visibility is vital. Shivan Mandalam, director of product administration for IoT safety at CrowdStrike, informed VentureBeat that “it’s essential for organizations to eliminate blind spots associated with unmanaged or unsupported legacy systems. With greater visibility and analysis across IT and OT systems, security teams can quickly identify and address problems before adversaries exploit them.”
Honeywell’s acquisition of Israel-based SCADAfence, a number one supplier of OT and IoT cybersecurity options, is only one instance of the manufacturing business attempting to catch up, shut these gaps and defend in opposition to growing numbers of ransomware assaults.
Manufacturing: An business below siege
Anything that stops a store ground from working can rapidly price a enterprise hundreds of thousands of {dollars}. That’s why ransomware assaults on producers generate hundreds of thousands in payouts. Hundreds of producers pay ransomware calls for with out disclosing that reality to clients.
Gartner predicts that the monetary influence of cyber-physical system (CPS) assaults will attain greater than $50 billion by 2023. Recovery from a typical manufacturing breach prices $2.8 million. Not solely that: Nearly 9 in 10 producers which have suffered a ransomware assault or breach have additionally had their provide chains disrupted.
Honeywell acquires SCADAfence to shut the hole
Honeywell’s SCADAfence acquisition offers the manufacturing large “with additional technology and expertise that help accelerate our innovation roadmap … and support rapidly evolving customer requirements,” Michael Ruiz, GM of Honeywell Cybersecurity Services, stated in a current interview with VentureBeat.
The acquisition will ship an built-in platform to producers, course of industries and infrastructure suppliers at a time when assaults are escalating.
“SCADAfence is an ideal complement to Honeywell’s OT cybersecurity portfolio, and when combined with the Honeywell Forge Cybersecurity+ suite, it enables us to provide an end-to-end solution with applicability to asset, site and enterprise across key Honeywell sectors,” stated Ruiz.
Key focus areas embody asset discovery, risk detection and compliance administration, he informed VentureBeat. “Our plan is to have the SCADAfence product portfolio integrate into the Honeywell Forge Cybersecurity+ suite within Honeywell Connected Enterprise, Honeywell’s fast-growing software arm with a strategic focus on digitalization, sustainability and OT cybersecurity SaaS offerings and solutions.”
Building on course of evaluation and integration experience
Known for its course of evaluation and integration experience, Honeywell is concentrating on the way it can benefit from its strengths in these areas and obtain scale rapidly with the brand new acquisition.
“This integration will enable Honeywell to provide an end-to-end enterprise OT cybersecurity solution to site managers, operations management and CISOs seeking enterprise security management and situational awareness,” stated Ruiz.
SCADAfence CEO Elad Ben Meir additionally commented on the synergies between the businesses. “We are thrilled to join Honeywell as we work towards fulfilling our mission of empowering industrial organizations to operate securely, reliably and efficiently,” Ben Meir stated in a press launch. “This combination creates a significant opportunity for growth, allowing us to combine our top-tier OT cybersecurity products with one of the world’s leading companies in industrial software.”
The deal expands Honeywell’s cybersecurity middle of excellence in Tel Aviv, the place SCADAfence is headquartered. Ruiz informed VentureBeat that probably the most beneficial facets of the acquisition is that Honeywell will have the ability to “nearly double our research and development for OT cybersecurity, probably becoming one of the larger OT cybersecurity research and development organizations out there.”
Why Honeywell moved to amass SCADAfence
The IBM Security X-Force Threat Intelligence Index discovered that manufacturing is essentially the most attacked business worldwide: The sector accounted for 23% of all ransomware assaults final yr. More than six in 10 breach makes an attempt on producers first focused OT programs important to manufacturing operations.
Research agency Dragos predicts that ransomware assaults on industrial organizations will speed up this yr. Dragos’ most up-to-date Industrial Ransomware Attack Analysis from Q2 2023 discovered that 47.5% of ransomware assaults tracked globally impacted industrial organizations and infrastructure in North America, a rise of 27% over the past quarter.
All informed, seven out of 10 ransomware assaults in Q2 had been geared toward manufacturing, adopted by the economic management programs (ICS) gear and engineering sector, which accounted for 16% of assaults.
The speedy rise in Fileless malware assaults displays this pattern. Fileless malware is designed to evade detection by cloaking its presence utilizing reputable instruments. Kurt Baker, senior director of product advertising for CrowdStrike Falcon Intelligence, writes that “fileless malware is a type of malicious activity that uses native, legitimate tools built into a system to execute a cyber-attack. Unlike traditional malware, fileless malware does not require an attacker to install any code on a target’s system, making it hard to detect. This fileless technique of using native tools to conduct a malicious attack is sometimes referred to as living off the land or LOLbins.”
Closing OT/IoT blind spots
Security suppliers are upping their video games.
Last yr at Fal.Con 2022, CrowdStrike augmented Falcon Insight, launching Falcon Insight XDR and Falcon Discover for IoT that concentrate on safety gaps in and between industrial management programs (ICSs).
Ivanti, for its half, has efficiently launched 4 options for IoT safety: Ivanti Neurons for RBVM, Ivanti Neurons for UEM, Ivanti Neurons for Healthcare — which helps the Internet of Medical Things (IoMT) — and Ivanti Neurons for IIoT primarily based on the corporate’s Wavelink acquisition, which secures Industrial Internet of Things (IIoT) networks.
Other main suppliers providing IoT cybersecurity options embody AirGap Networks, Absolute Software, Armis, Broadcom, Cisco, CradlePoint, CrowdStrike, Entrust, Forescout, Fortinet, Ivanti, JFrog and Rapid7.
AI and cybersecurity
Airgap Networks has created probably the most revolutionary approaches to closing the OT-IT hole. Its Zero Trust Firewall (ZTFW) combines agentless microsegmentation, safe entry for important belongings and community and asset intelligence. Airgap’s distinctive method offers its clients with the choice of absolutely segmenting legacy servers, ICS, IoT and personal 5G endpoints. The platform also can combine right into a working community with out brokers, {hardware} upgrades or main machine adjustments.
VentureBeat interviewed Ritesh Agrawal, CEO of Airgap Networks, instantly following its launch of ThreatGPT, the corporate’s ChatGPT integration with the Airgap Zero Trust Firewall. Agrawal informed VentureBeat: “Because ThreatGPT is fully integrated into the core of the ZTFW architecture, our customers can use all available data to train the models. I believe we are first to market with this.”
ThreatGPT makes use of graph databases and GPT-3 fashions to assist SecOps groups achieve new risk insights. The GPT-3 fashions analyze pure language queries and establish safety threats, whereas graph databases present contextual intelligence on endpoint visitors relationships.
Agrawal informed VentureBeat that, “IoT puts a lot of pressure on enterprise security maturity. Extending zero trust to IoT is hard because the endpoints vary, and the environment is dynamic and filled with legacy devices.”
Asked how producers and different high-risk business targets might get began, Agrawal suggested that “accurate asset discovery, microsegmentation and identity are still the right answer, but how to deploy them with traditional solutions when most IoT devices can’t accept agents? This is why many enterprises embrace agentless cybersecurity like Airgap as the only workable architecture for IoT and IoMT.”
By Louis Columbus
Originally printed through: VentureBeat