Network cybersecurity news updates from Indegy, now part of Tenable, and Nozomi’s partnering efforts.
A visitor to the show floor of the annual ARC Advisory Group Industry Forum in Orlando a few years ago might have been surprised at the sheer number of new cybersecurity companies exhibiting. Adding to this number were a couple of established companies who had drunk the kool-aid and established cybersecurity practices.
My first thought, having been down this worn path too many times in my career, centered on how these companies could survive and, indeed, even find enough market to grow. Many companies are formed to sell. I figured that most of these new cybersecurity company founders were as much looking for exits at the Forum as much as looking for customers. Since that time, many have been acquired.
We only hope that, in the long run, this burst of creativity in the field will improve industrial control system (ICS) cybersecurity. Although the recent incident at a Florida water treatment facility shows how far we still need to go.
Tenable Cybersecurity
I had a brief chat with Barak Perelman, VP of OT Security at Tenable and former CEO of Indegy to discuss the threats to cybersecurity opened up by the great dispersion of industrial workers due to the Covid pandemic.
Indegy was an operations technology (OT) firm brought into an IT company (Tenable) in late 2019. This is one way to bring IT and OT together. Perelman told me that overall IT and OT networks are more interconnected than ever. Threats can freely flow between networks. And 67% of OT organizations are reporting new and more sophisticated tactics being used against them.
I asked Perelman who within a prospective customer company Indegy had called on and who was the effective buyer. He said this was the biggest shift of the last two years. The customer was plant manager, engineering manager, etc. Now more likely the buyer is the IT cybersecurity team. The biggest success they’ve seen is with a combination of the forces, for example placing an engineer from the plant on the security team. Strategically, senior-level executives and the board level have become concerned. They went to their CISO first for results. So most Tenable projects are led by IT teams.
Another big change in the market is reflected in his slide deck. He used to have a slide on “air gap” but that has been dropped. “Everyone now understands that everything is connected.”
Prior to the pandemic and the movement to remote work in 2020, companies thought that they didn’t have exposure to remote access. Then they discovered that an engineer somewhere added an unauthorized cell modem for the ability to access the system remotely for troubleshooting purposes. After the pandemic, utilities, for example, have as much remote as possible. Many organizations understood they wouldn’t fight it anymore. If you can’t fight it, then join it.
Nozomi Partnerships
Companies forming partnerships has been one of the biggest trends in the market during the past couple of years. Here are a couple featuring cybersecurity company Nozomi.
Tempered Combines Strengths with Nozomi Networks
Tempered Networks and Nozomi Networks announced a new partnership and product integration to deliver a full-featured industrial security solution for network visibility, threat detection and remediation. The joint offering integrates Nozomi Networks’ leading network visibility, threat detection and incident response system with Tempered Network’s Zero Trust policy enforcement and centralized software-defined perimeter management console. Today’s sophisticated security threats are driving requirements for not only extreme visibility and intelligent threat detection, but also automated remediation that can lock-down vulnerable systems while ensuring continued availability for authorized access and continuity of business.
“As the leader in OT and IoT security visibility and threat detection, Nozomi Networks gives us a powerful partner to deliver greater insight and remediation capabilities to our customers,” said Jeff Hussey, Founder and CEO of Tempered Networks. “The AI-powered network analysis and anomaly detection that they provide can drive more accurate micro-segmentation and security policy enforcement into our Airwall platform, providing a more secure, rapid response approach against industrial-grade network attacks.”
“Tempered Airwall delivers the military-grade encryption and secure access policy enforcement that many of our joint customers rely upon to quickly remediate anomalies and threats in their networks,” said Chet Namboodri, Nozomi Networks Senior Vice President of Business Development and Alliances. “The combination of threat visibility and automated enforcement significantly improves security response. Ubiquitous threats like the SolarWinds attack continue to emerge and industrial connectivity for remote work and connected smart devices continue to accelerate. Our combined offerings provide strong detection and defense against the rapid proliferation of advanced persistent threats, actively buttoning down attack surfaces.”
The product integration includes the ability of Tempered to mirror secure traffic to Nozomi Networks solutions through a fully encrypted overlay for greater analysis and insight. Armed with AI-driven insights from Nozomi Networks, Airwall customers can take remediation steps or refine Tempered security policies through the Airwall Conductor management console API. The Nozomi Networks solution and Tempered Networks Conductor work in concert to refine Airwall zero trust policies and address identified threats, going beyond the capabilities of traditional network security devices like firewalls or remote access solutions.
“A two-way integration of network monitoring of IoT devices and secure, zero-trust, communications is brilliant,” said Richard Stiennon, industry analyst with IT-Harvest and author of Security Yearbook 2020. “Ensuring that all communications is stealthed and encrypted while preserving visibility into traffic is a winning combination.”
NanoLock Security and Nozomi Networks to Provide End-To-End Cyber Protection for Critical and Industrial Infrastructures
NanoLock Security, a leader in OT and IoT device-level protection and management and Nozomi Networks Inc, a leader in OT and IoT security and visibility, announced they have partnered to provide an end-to-end cyber protection and management solution to secure OT in critical and industrial infrastructure. The joint solution will be deployed in the Atlantica Cybernext Security Operations Center (SOC) to serve clients with the most technologically advanced solutions for protecting their business and infrastructure.
Nozomi Networks’ real-time OT and IoT security solution provides network visibility, threat detection, and operational insight for OT and IoT environments, while NanoLock’s device-level protection and management solution tackles the rapidly growing Advanced Persistent Threats (APT) from both outsider and insider adversaries.
Together, the joint security solution from NanoLock and Nozomi Networks introduces a holistic approach that spans the entire IoT and OT network. Adding NanoLock’s device-level protection and forensic data to Nozomi Networks’ advanced network visibility, threat, vulnerability and anomaly detection extends cybersecurity coverage to include:
- Lightweight, passive cyberattack prevention for devices such as smart meters, data concentrators, and controllers, with near-zero processing, power requirements and memory footprint
- Anomaly detection covering the network as well as IoT and OT devices
- Unified alerts and deeper device-level as well as network-level forensic data
- Centralized device visibility, risk monitoring, and intelligence management
- Secured and enforced OTA (Over-The-Air) device updates
“With cybersecurity threats to critical infrastructure on the rise, our partnership with NanoLock Security delivers advanced, end-to-end protection,” said Chet Namboodri, Nozomi Networks Senior Vice President of Business Development and Alliances. “We’re teaming with NanoLock to strengthen utilities’ defenses against cyberattacks, using robust device and network-level detection and protection alongside extensive network visibility and risk assessment.”
“We’re delighted to partner with Nozomi Networks to introduce a broader IoT and OT cybersecurity solution,” said Yanir Laubshtein, NanoLock’s Vice President of Cyber Solutions. “We see a critical need for a cybersecurity solution that starts at the device level and spans the network to bring comprehensive detection, protection, and management. Our joint offering addresses that need, while also bringing operational efficiency analytics to critical and industrial infrastructure.”
