Making Control Systems Connected And Safe

by Sohini Bagchi    Feb 15, 2017


Control systems are the heart of industrial facilities. As the industry becomes increasingly connected, industrial control systems (ICS) operations need to adapt to the new global environment. However, like most other systems in the connected economy, control systems in the industrial world are exposed to targeted cyber-attacks, making them highly vulnerable. “Along with benefits, connectivity opens the door to an entire range of cybersecurity risks and vulnerabilities,” noted Shmulik Aran, CEO of NextNine, an US and Israel-based provider in Industrial Control Systems (ICS) and OT security management. The company is also looking to strengthen its footprints in India.

In a recent conversation with CXOtoday, Aran explains the recent disruptive trends in the ICS space, the company’s comprehensive solution for ICS security ICS Shield and discusses NextNine’s plans for the Indian market. Excerpt.

CXOToday: What according to you are some of the big disruptive trends in the Industrial Control Systems (ICS) space?

Many years ago, physically isolating industrial equipment and operational technology was sufficient for security purposes. Recently, many industrial enterprises have been rolling out what is now commonly referred to as Connected Operations. IoT is now being leveraged to extract large volumes of operational information from ICS equipment and Big Data analytics is being used to help management make data-driven decisions to improve productivity, profitability and safety.

Along with benefits, connectivity opens the door to an entire range of cybersecurity risks and vulnerabilities. Bad actors understand impact of attacks on OT infrastructure with the now infamous 2015 attack on the Ukrainian Kyivoblenergo power grid as a classic example. Hackers caused widespread power outages after gaining unauthorized access to the OT network. Today, as OT infrastructures and IT networks are being increasingly merged, industrial enterprises must have a strategic plan and means to maintain a strong security posture, while benefiting from connected operations. This certainly is not a trivial task and rather it is an essential and ongoing security endeavour that all industrial enterprises must address.

CXOToday: How are you positioning your solution ICS Shield solution for protecting ICS environments?

Nextnine ICS Shield is a comprehensive solution for ICS security management fortifying even the most complex multi-plant and multi-vendor environments.

For industrial enterprises, ICS Shield acts as a unified security and operations command center for automating the deployment and enforcement of operational-wide security policies. ICS Shield initially conducts an exhaustive discovery cycle in order to build a complete inventory of all operational assets. After all, you need to know what’s out there if you want to protect it! This inventory serves as the baseline for creating ICS security management policies. The solution also creates a unified framework for establishing secure remote access according to granular policies and hardening the industrial network with security essentials, such as patching, antivirus protection, log collection, compliance reporting and more.

CXOToday: What is your go-to-market strategy for reaching out to different market segments?

The types of industrial enterprises that are benefiting from our ICS Shield solution include a variety of manufacturers and providers of critical infrastructure. We typically partner with Managed Security Service Providers (MSSPs) on the deployment. Many of our MSSP partners are using ICS Shield as the basis for the ongoing ICS security management services that they provide to their industrial customers. Some of our MPSS partners also use ISC Shield as part of the consulting projects they provide. Some of our MSSP partners include Wipro, Cisco, TCS and BAE Systems.

Also, as part of our go-to-market strategy, we have strong global partnerships with system integrators and many of the leading automation vendors, including Honeywell, Schneider-Electric, ABB, Rockwell and Yokogawa. System integrators use ICS Shield to deliver customized solutions to their customers. Automation vendors are not only using ICS Shield to protect their systems, but also to take part in the multi-vendor cyber-protection market as a system integrator or MSSP.

CXOToday: What are your primary geographies of focus today?

Currently, ICS Shield is supporting the ICS security efforts of over 6,000 plants. ICS Shield is by far the most used ICS security management solution today and we are very proud of this fact. Approximately 50% of the ICS Shield end users are in North America. The remainder are split between developed and emerging markets across EMEA, APAC and Australia.

In terms of vertical markets, customers using ICS Shield include industrial enterprises in the oil & gas, mineral, mining, materials, pharmaceutical, medical, maritime, packaging, pulp & paper, utility, chemicals and food sectors.

CXOToday: What kind of product innovations can we expect from NextNine in the year 2017?

First of all, we have developed a unique approach to asset discovery and inventory that utilizes both active and passive techniques. This allows ISC Shield to discover a complete inventory of all industrial assets from the HMI or the Historian down to the PLCs and even the sensors. We are constantly expanding these discovery capabilities and the types of information that can be extracted.

It is important to point out that alternative solution that rely on just passive techniques will gather only a partial inventory, while active only techniques are obtrusive and can threaten the availability of many types of industrial equipment. We have found that combining the approaches works best - passive detection where it’s a must and a deeper, active asset discovery where it makes sense.

In addition, we are continually adding support for new regulatory frameworks. In a growing number of countries, such as the United States, Germany and Singapore, there are clearly defined regulations for protecting critical infrastructure. In the United States, for example, compliance to NERC CIP versions 5 and 6 has become a must for electricity suppliers.  

CXOToday: What kind of growth opportunities are you looking at and from where will this growth come from?

Most industrial enterprises are now just waking up to the cyber security risks of connected operations and this is currently keeping us very busy. SCADA networks represent a huge potential upside for us as there are tons of SCADA systems out there with inherent security vulnerabilities that should be addressed as soon as possible. For example, SCADA networks are used for train and other public transportation as well as in homeland security applications in ports and on borders. We see opportunities in these sectors developing soon.