Cisco partners with Radiflow for its expertise in OT security

Couldn’t attend Transform 2022? Check out all the top sessions in our on-demand library now! Look here.

With the advent of Industry 4.0, industrial networks are increasingly digitized.

But while this brings significant gains in productivity, quality and efficiency, it introduces new – and never before considered – vulnerabilities in cybersecurity.

Due to their critical nature, operational technology (OT) networks – digital networks on the production floor – require specific security tools beyond those used in IT networks themselves. Intrusion Detection Systems (IDS) are considered one of the most effective of these tools, as they passively monitor network traffic and pose no risk to ongoing operational processes.

To counter the growing threats and attacks, cybersecurity firm Radiflow today announced a technology partnership with Cisco to deliver IDS in Cisco-managed OT facilities.

Event

MetaBeat 2022

MetaBeat will bring together thought leaders to offer advice on how metaverse technology will change the way all industries communicate and do business October 4 in San Francisco, CA.

Register here

“The shortage of resources with expertise in OT security is quite high and continues to grow,” said Ilan Barda, co-founder and CEO of Radiflow. “As such, it’s important to use such integrations to reduce the need for manual work.”

OT facilities like Cisco’s are a growing attack surface

Barda described an “alarming” increase in cybersecurity attacks on OT facilities.

So far, a Trend Micro survey of industrial cybersecurity in manufacturing, power, and oil and gas companies revealed that nine out of 10 organizations had been affected by cyber-attacks in manufacturing or energy supply in the past 12 months. The average cost of such attacks was $2.8 million, with more than half (56%) of respondents saying the disruptions lasted four or more days.

Also Check:   Is Unice Hair Legit or Scam? Know Here

Such disruptions have led to new and evolved security tools: According to a recent report from MarketsandMarkets, the size of the OT security market will grow from an estimated value of $15.5 billion in 2022 to $32.4 billion in 2027, representing a compound annual growth rate (CAGR) of nearly 16%.

The report cites the increased use of digital technologies in industrial systems, strict government regulations regarding the Common Industrial Protocol (CIP) to drive adoption of OT security solutions, and convergence of IT and OT systems as the key factors driving the stimulate market growth.

Simple, fluid controls

Cisco’s Network Access Control (NAC) is a widely used tool for protecting IT networks. It supports network visibility and access control through policy enforcement on devices and users of corporate networks.

While many companies rely on it to secure their network access control systems, building management systems (BMS) often have no way of addressing industry-specific needs or protecting against greater cybersecurity risks, Barda said. In BMS settings, OT security systems must take into account specific needs and critiques of different subsystems, e.g. HVAC or elevator operation, which are often supervised by different personnel and departments.

Also Check:   Is Rolling Cart Legit Website or Scam? Know Here

To deploy IT-oriented tools in OT networks and detect anomalies, mature IDS tools like the Radiflow platform are needed, Barda said. It integrates directly into Cisco’s popular BMS, protects connected devices that don’t have built-in access controls, and adds a layer of protection to a variety of OT networks, keeping security operations “simple and fluid.”

This new integration “helps mitigate an inherent problem in industrial networks, as many of these devices were never designed with built-in access control, which creates a whole host of cyber vulnerabilities,” Barda said.

Controlled, limited connection

As Barda explained, the most common cybersecurity problem in OT networks is unauthorized changes to the network topology, for example, a technician’s laptop is connected to the network and has no restrictions on what he can do in the network. Another risky issue, Barda said, is that changes to device software — even without malicious intent of any kind — can also alter the device’s communication patterns, causing damage to other devices.

Radiflow’s IDS solution discovers network assets and communication patterns, maps inventory details and vulnerabilities, and detects network anomalies. Users at Cisco facilities can distinguish the basic behavior of assets and any deviations in behavior patterns.

“Built-in access control mitigates such threats as each device is connected in a controlled and limited manner,” Barda said.

Increased automation

Barda explained that the platform passively monitors OT network traffic using a span port from the network’s main switches.

Also Check:   Is Reatdeaf Legit or Scam? Know Here

To maximize the coverage of the OT network, Radiflow also provides smart collectors that can connect to the span ports of external subnetworks and send the relevant data to the server in an optimized way, he said.

Radiflow’s DPI engine analyzes network traffic and creates a database of network assets, their inventory details and their normal baseline behavior patterns, Barda said. The asset database has been expanded with data on their known common vulnerabilities and exposures (CVEs) and can be displayed graphically or exported to other asset management tools.

Once the baseline of normal behavior is stable, the platform switches to “detection mode” and uses its DPI engine to detect anomalies in traffic flows, Barda said. Such deviations may include:

Changes in network topology. Changes in communication patterns. Industrial asset firmware and logic changes. Signatures of known characteristics of cyber attacks. Deviations in industrial commands or in process ranges.

These anomalies generate events in the platform and are reported to other security control center tools using syslog.

Ultimately, Barda said, “they greatly simplify both network security and asset management, especially in complex IT-OT networks.”

VentureBeat’s mission is to be a digital city square for tech decision makers to learn about transformative business technology and transactions. Discover our briefings.

This post Cisco partners with Radiflow for its expertise in OT security

was original published at “https://venturebeat.com/security/cisco-partners-with-radiflow-for-its-ot-security-expertise/”

Leave a Comment