CyberX, a provider of the most widely-deployed industrial cyber security platform for continuously reducing ICS risk, has announced new breach and attack vector simulation technology that incorporates proprietary analytics to continuously predict and help prevent targeted attacks on critical Operational Technology (OT) assets.
An industry first, CyberX's new ICS Attack Vector Prediction technology generates a visual representation of all possible attack chains — ranked by risk — that can compromise critical OT assets such as robotics machinery in manufacturing plants and circuit breakers in electrical substations. This innovative approach immediately highlights the most important security gaps, enabling OT security teams to proactively mitigate risk and prioritize mitigation activities based on the most likely attack scenarios — enabling more effective use of limited skilled resources and narrow maintenance windows.
Security teams can quickly simulate what-if mitigation actions to continuously adjust their security posture and reduce their attack surface, such as "If I isolate or patch this insecure device, does it eliminate the risk to my most critical assets?" In addition, visualization of potential breach paths (see screen shot) helps business management and OT stakeholders more easily understand the business impact of top risks to their most valuable assets.
"Targeted attacks and malware pose real and demonstrable risks to critical infrastructure and industrial organizations," said Nir Giller, CTO/CISO and co-founder of CyberX. "But as we've seen from recent attacks, it's not always practical to patch or upgrade older ICS/SCADA systems and devices. CyberX's new ICS Attack Vector Prediction technology helps security teams dramatically increase OT resilience by validating precisely which mitigations — such as network zoning or stronger authentication — can effectively eliminate the attack vectors with the highest risk of compromising critical assets."
Proprietary Analytics Enable Attack Vector Simulation Without Impacting OT Infrastructures
CyberX's attack vector simulation is based on its detailed analysis of all network and endpoint vulnerabilities identified by CyberX's agentless asset discovery and vulnerability assessment technology. Unlike active vulnerability scanning approaches developed for IT rather than OT environments, the CyberX platform combines a deep understanding of industrial protocols and industrial devices with non-invasive network traffic analysis (NTA), in order to comprehensively identify OT vulnerabilities without impacting OT networks or causing downtime of operational assets.
CyberX was the first industrial cyber security company to enrich its platform for continuous monitoring and ICS behavioral analytics with ICS vulnerability assessments, and the first to establish an in-house ICS threat intelligence research team. Composed of world-class cyber experts with nation-state experience defending critical infrastructures, CyberX's R&D team developed its Attack Vector Prediction technology using their deep expertise about industrial networks and real-world attacker tactics.
Subscribe to our newsletter for all the latest updates and special offers.
Click Here To view archive additions