L’angolo della Start up: intervista a NexDefense (USA)

Giu 30, 2015




Intervista a Doug Wylie, Vice President, Product Marketing and Strategy



1- Why Industrial Internet can expose companies to Security Risks?  What are the main threats to which companies are exposed?
A:  The industrial Internet is a system of systems—and a breakdown or breach in any one subsystem can have a cascading effect, or become a pivot-point for which other attacks can be launched.  Connectivity within industrial control systems enables them to more safely and reliably operate, provides expanded visibility to operations and also allows them to be better maintained throughout their lifecycles.  Some of these same systems even connect into business enterprises to share process and production data.  It’s for these reasons a clear view of the connected devices, plus ongoing monitoring of the infrastructure and known-good traffic patterns are so important.  If unusual activities or abnormal communications are seen, such events can prove invaluable as a leading indicator of failing or failed devices, misconfigurations or even malicious activities.  Yet, still today it can be challenging to find reputable products designed for industrial use that can truly monitor and diagnose these events without any affects on an already functioning system.
2- How NexDefense solution can help organizations defend themselves from Security Threats?
A:  NexDefense recognizes the contemporary challenges that control system owners and operators face as connectivity increases and the need for investments in people, process and technology grow.   Helping to ensure safety and better protect assets and information requires constant vigilance throughout the entire control system operating lifecycle which spans their design, installation, operation and maintenance phases.  The NexDefense Sophia™ product effectively monitors network communications and data exchanges within a control system without any impacts to the system’s operation.  Network data used for control, diagnostics and configuration are all passively captured, analyzed and presented to help operators make real-time decisions and gain a perspective of connected devices, known-good communication behavior, and events that might negatively affect the safety and reliability of the system to which the product is connected.  Once a system’s communications patterns are fingerprinted and baselined, NexDefense Sophia software can compare the network’s current state to the known-good baseline and provide actionable data through a combination of 3-D visuals and detailed event logs.  Unusual events and abnormalities are picked up by Sophia and create alerts and help guide an operator to determine what if any action is needed to accept or react to what the software sees as a mismatch against its previously established norm.

3- Today, what are the Industries that are already investing in Industrial Security Solutions?
A:  Even though there are differences in risk exposure amongst industry sectors, what remains in common across the likes of Energy, Water, Chemical, Transportation and Critical Manufacturing control systems is a trait where a sustained disruption or damage to the systems can have a fairly immediate and far reaching impact.  Individual people, companies, local, state and federal governments and even the global economy can be impacted if asset owners in these sectors can’t safely and reliably monitor and control their systems and provide their services 24×7.  Fortunately, there’s an expanding appreciation of these impacts and they are becoming more widely known to corporate decision makers and boards of directors, many of whom will now at least acknowledge risks and threats and direct their organizations to take action.  Near-misses and growing first-hand experience with incident response are also becoming new norms and, while not all industries are equal in their levels of investment, some sectors like Energy and Oil & Gas are making visible investments and taking progressive steps to reduce risks and share their experiences as a role model for other sectors to follow.

4- Which is the level of awareness of Industrial Security concerns amonst USA companies compared to European companies?
A:  The security concerns and awareness of cyber risks and threats vary greatly between companies—far more than varying by geography.  Every company is unique in its perception of acceptable risk and the result often shows itself through different priorities, attitudes, and expenditures even amongst industry peers when it comes to dealing with risk.  That said, risks and threats that target certain industries more than others and affect critical control systems are certainly not unique to any particular geography and they certainly do not stop at national borders.  In fact, many broad-scale critical infrastructures have evolved in a manner where they deliver their products and services within and across these borders and create interesting and unique country-to-country interdependencies.  With ongoing improvements in real-time information exchange and a greater willingness for industry peers and governments to share threat data, most industry sectors (whether in the USA, Europe or other geographic location) recognize and generally agree that there are actual risks, exposures and true threats out to steal, damage and disrupt operations and production regardless of who you are, or where you are.


Comments are closed.