Security is emerging as a key tenet to the successful implementation of digital transformation. This is especially significant as network convergence brings about the inter-operation of IT, OT and industrial IoT networks as security risks and cybercrime rise.
Nozomi Networks and Skybox Security have responded to this challenge by offering a converged network risk profile tool, in the form of a single pane of glass for IT/OT cyber visibility. The response is exemplary among cooperative efforts of governmental and private organizations collecting, sharing, deploying, and responding to cybercriminals in real-time to minimize the impact of these threat actors. This partnership and other collective responses boost the strength of companies to protect their most valuable network-connected and converging assets efficiently and effectively.
The Value Proposition of Network Convergence
There is a fundamental need for real-time collection and centralization of data across a company’s network of IT and OT assets. This data set includes information such as raw material availability, production capability, throughput capacity, inventory management, and real-time reports on distribution network status. The information needs to be available in real-time and correlated across many corporate systems including operational, functional, and regional sources. This is no time for solutions that require extended human normalization and processing of data in third party tools across disparate network sources.
The Weakness of a Single Purpose IT or OT Solution
One of the implications of IT/OT convergence is the rise of the attack continuum, which point solutions can never adequately address. An example of an inadequate single-purpose solution would be to deploy anti-virus software in an IT domain and assume that it protects a non-segmented OT network.
While virus protection software does thwart some attacks, cyber criminals can often bypass software agents and gain access to secure resources. Having entered the IT network, a cybercriminal can pivot through privileged escalation to compromise mission-critical data storage, operational, and OT systems. This behavior is behind many cyberattacks that have recently been reported in the news.
Pivoting attacks can result in customer data loss, control of subsystems and other control apparatus, and the long-term risk of an undetected malicious presence. This type of attack also requires a coordinated system that reports actionable intelligence in real-time, in the environment in which they occur. Without a swift and agile response, a cybersecurity event such as a ransomware scheme can lead directly to financial losses, unwanted exposure in the press, and uncalculated disruption to a very complex solution that may span from the attainment of raw materials to the delivery of product ready for market inventories.
De-Risking Network Convergence
As discussed, convergence is driven by a collection of value propositions that can be undermined by weak security policy. Many key drivers to digital transformation are manifesting across industries. Fundamentally, cybersecurity has entered the mix of challenges that require a response on behalf of asset owners. It is important to insist on achieving the necessary objectives that are promulgating network convergence. Cybersecurity solutions should contribute those objectives and not diffuse their impact.
Together, Nozomi Networks and Skybox Security have partnered to bring to market a single pane of glass view across OT and IT assets and a lifecycle-based approach to mitigate the vulnerabilities most likely to generate exposures and breaches. A multi-actor risk scoring methodology augments the use of CVSS severity level data with exploitability, exposure, and asset importance data. The risk scoring can be tailored to an organization’s unique risk posture, and it enables organizations to more effectively prioritize vulnerability mitigation.
Visibility is essential to combat nefarious network attackers. Tools such as an aggregated dashboard with visibility into OT/IT assets can greatly raise a company’s security profile. This type of solution also precludes the need to externally correlate data that has been gathered from independent systems.
The management platform combines infrastructure context with threat intelligence to unlock unprecedented visibility of the expanding attack surface spanning IT, hybrid cloud, and OT environments. This allows enterprise networking and security teams to comply with corporate and regulatory policies, securely automate changes, reduce misconfigurations, improve cyber hygiene, and prioritize remediation of the riskiest vulnerabilities.