by Gary Mintchell | Nov 19, 2024 | Automation, Security, Technology
I once sold a program to a customer that promised to track and maintain an inventory of one vendor’s technology assets in the plant. The president of another company explained to me about 10 years later about the company’s development of a technology asset discovery and tracking system that had done the program I had sold a quantum leap better.
Obviously, technology asset tracking is a customer need. Now that those controllers and sensors and the like are connected exposing the company to cybersecurity risk, combining this with a security system makes sense.
This news from a company blog post announces just such a merger. Service Now has signed an agreement to acquire Mission Secure to accomplish just that.
Neelima Rustagi writes on the company blog, “This acquisition directly benefits our OT customers in industrial markets such as manufacturing, pharmaceuticals, energy and utilities, oil and gas, and transportation and logistics by enhancing their ability to make informed decisions and optimize their operations. It marks a significant milestone as we continue to expand our portfolio of OT solutions, delivering greater value and efficiency to businesses.”
She further expands on the topic:
Mission Secure technology will enable ServiceNow to provide OT asset visibility, making it easier for organizations to track and manage their OT, such as programmable logic controllers (PLCs), human-machine interfaces (HMIs), sensors, robotic systems, and control modules.
Having a limited view of assets can make it difficult for leaders to understand how to prioritize, manage, and optimize their OT. It’s particularly challenging for organizations in industrial markets due to the complexity of their control systems, networks, and communication protocols. These businesses can no longer afford to operate in the dark.
Through this acquisition, we’ll enable customers to use ServiceNow for OT asset inventory featuring a native discovery capability for OT networks. This will allow customers to monitor traffic to determine what’s on their network and to poll and query devices to get inventory details.
Visibility provides the foundation for managing all workflows. Mission Secure technology creates this visibility by using advanced algorithms. It integrates smoothly into existing workflows, allowing customers to see their asset landscape. This level of visibility enables customers to reduce the impact of human error in change management and resolve OT device issues faster to improve uptime.
By bringing Mission Secure into the fold, ServiceNow is creating a unified platform for digital factories. The new ServiceNow OT discovery capability will enhance OT device metadata available to our OT partners by adding context to the inventory and essential connectivity data. This will help customers maximize operational uptime through integrated workflows and contextualized data insights. We’ll provide even greater flexibility as we continue to grow our partner ecosystem.
The Mission Secure acquisition follows our previous acquisitions of 4Industry and EY Smart Daily Management Application, as well as G2K, broadening ServiceNow’s reach in the digital factory space and strengthening our position in the OT sector. We’re better positioned than ever to offer these essential capabilities and bring even greater value to our customers.
by Gary Mintchell | Nov 14, 2024 | Automation, News, Operations Management, Security, Services, Software
Several news items came my way while I have been traveling. These four are from Siemens. One follows the trend of industrial automation companies incorporating Microsoft Copilot for Augmented Intelligence (AI) application. The company announced expanded collaboration with Service Now. Finally, two releases reflect the ongoing portfolio realignment we are witnessing among all the major automation suppliers—further evidence of a market maturing and consolidating.
Siemens and Microsoft scale industrial AI
Siemens with its collaboration with Microsoft claim they have enabled AI to handle the most demanding environments at scale. Combining Siemens’ domain know-how across industries with Microsoft Azure OpenAI Service, the Copilot further improves handling of rigorous requirements in manufacturing and automation.
Over 100 companies, including Schaeffler and thyssenkrupp Automation Engineering, are currently using the Siemens Industrial Copilot to streamline processes, address labor shortages, and drive innovation. With 120,000 users already leveraging the Siemens engineering software TIA Portal, they now have the opportunity to enhance their work with the genAI-powered assistant.
Since the product’s availability in July 2024, customers across various sectors have started using the Siemens Industrial Copilot for Engineering to boost efficiency. Engineers can now create panel visualizations in 30 seconds and generate code that requires only 20% adaptation. This streamlines workflows, reducing manual effort and addressing the skilled labor shortage. The chat function also provides instant, precise answers, eliminating the need for lengthy searches. By leveraging the Copilot, companies are driving productivity and innovation.
Siemens and ServiceNow strengthen shopfloor security and drive generative AI-powered automation for shopfloor operations
Siemens and ServiceNow announced a new collaboration at the ServiceNow World Forum in Munich, Germany. The companies intend to enhance industrial cybersecurity and drive the integration of generative AI into shopfloor operations. This mutual cooperation leverages Siemens’ Sinec Security Guard for industrial vulnerability management and the Siemens Industrial Copilot for generative AI-powered automation – with ServiceNow providing the workflow automation needed to streamline and enhance factory operations.
ServiceNow’s Operational Technology Service Management (OTSM) suite integrates IT and OT workflows, providing real-time visibility, and automating processes across the entire factory floor. With the addition of Sinec Security Guard, ServiceNow’s OT Vulnerability Response (OT VR) will be further enhanced to include more insights into vulnerabilities of OT equipment, enabling faster detection and remediation of security threats.
Siemens strengthens leadership in industrial software and AI with acquisition of Altair Engineering
Siemens has signed an agreement to acquire Altair Engineering Inc., a leading provider of software in the industrial simulation and analysis market. Altair shareholders will receive USD 113 per share, representing an enterprise value of approximately USD 10 billion. The offer price represents a 19% premium to Altair’s unaffected closing price on October 21, 2024, the last trading day prior to media reports regarding a possible transaction. With this acquisition Siemens strengthens its position as a leading technology company and its leadership in industrial software.
“Acquiring Altair marks a significant milestone for Siemens. This strategic investment aligns with our commitment to accelerate the digital and sustainability transformations of our customers by combining the real and digital worlds. The addition of Altair’s capabilities in simulation, high performance computing, data science, and artificial intelligence together with Siemens Xcelerator will create the world’s most complete AI-powered design and simulation portfolio,” said Roland Busch, President and CEO of Siemens AG. “It is a logical next step: we have been building our leadership in industrial software for the last 15 years, most recently, democratizing the benefits of data and AI for entire industries.”
By adding Altair’s complementary simulation portfolio, with strength in mechanical and electromagnetic capabilities, Siemens enhances Digital Twin to deliver a full-suite, physics-based, simulation portfolio as part of Siemens Xcelerator. Altair’s data science and AI-powered simulation capabilities allow anyone, from engineers to generalists, to access simulation expertise to decrease time-to-market and accelerate design iterations. Additionally, Altair’s data science capabilities will unlock Siemens’ industrial domain expertise in product lifecycle and manufacturing processes.
Siemens to sell airport logistics business to Vanderlande
Siemens AG has agreed to sell its Siemens Logistics business to Vanderlande, a company owned by Toyota Industries Corporation. Vanderlande is a leading global partner for future-proof logistic process automation in the warehousing, airports, and parcel sectors, and with that will be a strategic long-term owner for Siemens Logistics. The purchase price (enterprise value) is €300 million. Closing is expected in the course of calendar year 2025, subject to regulatory approvals.
by Gary Mintchell | Nov 8, 2024 | Automation, Networking, Security
5G private networks appeared to have numerous benefits for industrial and manufacturing companies. I’ve written many times about advances with technologies and applications. This news reports strengthened security capabilities. I’ve had reports of real-world applications of private 5G. How are you all finding it? Useful? A pain to install and maintain?
This news is from a company called Celona which just announced Aerloc, a new suite of security capabilities that provide the next generation of private 5G wireless network security for Industry 4.0. Designed to address the unique challenges of securing increasingly digitized industrial IT and OT systems, Aerloc provides enhanced security and high-speed connectivity without sacrificing agility. New capabilities include extended SIM-based authentication for unified zero trust enforcement, dynamic and distributed policy enforcement, and air-gapping between IT and OT traffic running on a common private 5G network, enabled by Celona MicroSlicing.
Celona also announced expansion of its global channel program, now called the the Celona Frequency Partner Program along with a global partnership agreement with TD SYNNEX to enable resellers and managed service providers to securely deliver private 5G services.
Celona Aerloc delivers the following:
- SIM-based Authentication with Unified Zero Trust Enforcement for IT and OT devices eliminates the need for device-side software or agents. Celona’s open API approach provides native integration with best-in-class security services, such as firewalls, network access control (NAC) systems, and SD-WAN solutions, and is agnostic to their deployment – whether in the cloud, on-premises or in a hybrid setup. Celona Aerloc integrates with other leading enterprise security solutions, including Palo Alto Networks Cortex XSOAR and NGFW, Cisco ISE, and Aruba ClearPass. Celona continues to integrate with other top-tier security vendors through its open API framework to continue to meet evolving enterprise needs.
- Dynamic and Distributed Policy Enforcement to integrate with posture assessment tools, IoT security solutions, and security orchestration automation platforms. Aerloc provides a collaborative security architecture enabling localized and responsive security policy enforcement at a granular level—down to the individual device or user – and at the very edge of the network to significantly reduce the attack surface.
- Air Gap Between IT and OT Traffic using Celona MicroSlicing technology. IT and OT traffic can be securely segmented both physically and logically over the air, on the LAN and within the shared 5G LAN network. This unique intent-based segmentation of IT and OT traffic ensures the separation of critical operational data from general enterprise traffic to maintain security and performance integrity across both environments.
Celona Aerloc is now available as part of the Celona 5G LAN solution.
by Gary Mintchell | Oct 25, 2024 | Automation, Security
Now that we’ve built upon Industry 4.0 and Industrial Internet of Things connecting assets, cybersecurity has become the leader among number of press releases coming to me. It’s the inevitable consequence of networking.
Every day I learn about new words and new approaches to protect industrial assets. Today’s word is “posture management.” And Tenable has announced data security posture management (DSPM) and artificial intelligence security posture management (AI-SPM) capabilities for Tenable Cloud Security.
Tenable Cloud Security exposes risk from across hybrid and multi-cloud environments including vulnerabilities, misconfigurations, excess privilege, that affects data and AI resources. Integrating DSPM and AI-SPM into Tenable Cloud Security enables users to automatically discover, classify and analyze sensitive data risk with flexible, agentless scanning.
AI-SPM features enable customers to confidently forge ahead with AI adoption by enforcing AI and machine learning configuration best practices and securing training data.
Available to all Tenable Cloud Security and Tenable One customers, these new features enable customers to:
- Gain complete visibility and understanding of cloud and AI data – Tenable Cloud Security continuously monitors multi-cloud environments to discover and classify data types, assign sensitivity levels and prioritize data risk findings in the context of the entire cloud attack surface.
- Effectively prioritize and remediate cloud risk – Backed by vulnerability intelligence from Tenable Research, context-driven analytics provides security teams with prioritized and actionable remediation guidance to remediate the most threatening cloud exposures.
- Proactively identify cloud and AI data exposure – Unique identity and access insights enable security teams to reduce data exposure in multi-cloud environments and AI resources by monitoring how data is being accessed and used and detect anomalous activity.
by Gary Mintchell | Oct 2, 2024 | Automation, Security
Fluid would barely begin the description of the market for cybersecurity technology developers. Most news emanating from the sector concerns surveys on threats. People seem to move around often. As another example of that market, Dragos has acquired Network Perception, makers of NP-View, a network visualization platform for OT networks. Dragos notes in its release, “The acquisition will bolster the Dragos Platform with industry-leading OT network visibility along with compliance and segmentation analysis and reporting capabilities tailored to safeguard critical OT environments.”
Dragos believes combining the network capabilities of the two companies will help organizations gain an understanding of their networks that was previously elusive from a single provider. They are now able to see which assets are connecting to which services in their critical networks, as well as which assets can connect to which services.
In the future, through the integration of NP-View’s topology and firewall rules analysis into the Dragos Platform, customers will be able to map their OT environment network topology more effectively, decide where to place Dragos Platform network sensors, map vulnerabilities to attack paths, and evaluate configuration and policy drift. The dual layer visibility into what assets are communicating and what communication paths are possible will be a powerful security and compliance view of the OT environment. NP-View’s network segmentation capabilities will enhance Dragos’s strong defense mechanisms against lateral movement by adversaries within OT environments.
by Gary Mintchell | Sep 4, 2024 | Automation, Security
Cybersecurity initiatives resemble the Whack-a-Mole game. As long as everything is connected, especially to outside environments, securing digital assets will be impossible.
Certainly companies formed to combat these threats are trying. Take this news from Tenable. It has added new risk prioritization and compliance features for Tenable Nessus. Nessus supports new and updated vulnerability scoring systems – Exploit Prediction Scoring System (EPSS) and Common Vulnerability Scoring System (CVSS) v4 – to help customers implement more effective prioritization for risk reduction and maintain compliance.
Due to evolving threats and expanding attack surfaces, organizations rely on multiple risk scoring systems, which are not effective risk qualifiers on their own to determine criticality. With Tenable Nessus, customers can take advantage of the latest industry-adopted vulnerability scoring systems – EPSS and CVSS v4 – and Tenable Vulnerability Priority Rating (VPR) to identify and take action on the vulnerabilities that pose the greatest risk specific to their environment. Leveraging an advanced data science algorithm developed by Tenable Research, Tenable VPR combines and analyzes Tenable proprietary vulnerability data, third-party vulnerability data and threat data to effectively and efficiently measure risk.
Key features in this release include:
- EPSS and CVSS v4 Support enables users to see and filter plugins by EPSS and CVSS v4 score, further informing prioritization strategy. This feature enables security teams to remain compliant with organizational policies that require the use of EPSS or CVSS as the primary scoring system.
- Nessus Offline Mode addresses challenges with conducting vulnerability scans offline in air-gapped environments. Building upon existing offline scanning capabilities, Nessus runs critical services only, removing unwanted traffic generated by functions that rely on an active internet connection, thereby ensuring the security of sensitive data within a secure environment.
- Declarative Agent Versioning On-Prem enables users to create and manage agent profiles in Nessus Manager for Tenable Security Center. Users can specify a product version for an agent deployed in an environment, thereby reducing disruptions in day-to-day operations and enabling users to adhere to enterprise change control policies.
