Safeguarding civilization, one industrial control at a time
DECEMBER 8, 2020 • BLOG POST • ABHISHEK SHUKLA, MANAGING DIRECTOR AND TODD H. POOLE, PRINCIPAL, HEWLETT PACKARD PATHFINDER
IN THIS ARTICLE
- Industrial devices expose a new generation of cybersecurity threats
- Companies face a set of unique challenges to secure their OT networks
- Dragos delivers a level of near real-time situational awareness and monitoring capabilities
- The HPE and Dragos solutions could allow a new level of visibility for cyber threats
Dragos protects industrial control systems within a changing threat landscape
For the past 30 years, the term “cybersecurity” has been synonymous with the protection of our everyday computing tools such as smartphones, tablets, laptops, desktops, and servers. But in recent years, there’s been a Cambrian Explosion in connected devices. Today, everything from consumer televisions to fridges to commercial aircraft engines and industrial power plants is online, and according to Gartner, the enterprise and automotive IoT markets alone will soar to 5.8 billion endpoints in 2020—up 21% from 2019.
These newly connected industrial devices are creating immense opportunities for their operators, but they’re also exposing the industrial networks of those operators to a new generation of security threats. Enter Dragos, a global leader in industrial cybersecurity and Hewlett Packard Enterprise’s (HPE) latest cybersecurity investment.
Industrial (ICS/OT) Cybersecurity is a Different World
Not so long ago, cybersecurity was fairly straightforward. Enterprises safeguarded the digital assets and data on their networks with strong perimeter protection, identity/authentication, and other layers of security. But as operational technology (OT) grew to be ever more connected and the Industrial IoT matured, a whole new breed of threats emerged. The Stuxnet attack marked a turning point that changed the course of industrial cybersecurity history, and helped entire industries realize that OT equipment was uniquely vulnerable to hacking.
A new wave of cybersecurity companies sprang up to focus on industrial control system (ICS) protection. But industrial security is different from enterprise IT security and comes with its own difficulties. It requires understanding and mastering the myriad languages and industrial protocols that ICS devices and systems use to communicate.
OT companies face a set of unique challenges in securing their networks. Visibility into the specific devices connected to an OT network (turbines, transformers, mixers, centrifuges, boilers, PLCs, robots, etc.) is imperative, as there are thousands of different makes and models of industrial manufacturing equipment. Equally important is understanding how the equipment should behave during normal operations, which is more challenging in a production environment. Finally, it is crucial not to break anything while investigating issues. Unlike IT, which operates on a best-effort basis, OT systems control physical processes that are often deterministic, with systems designed to function a certain way, every time. With OT, you can’t simply re-send packets, turn the device on or off, or make it run faster or slower, as production could be interrupted, equipment could be damaged, or lives could be lost.
Understanding these challenges—let alone solving them—requires the mastery of an uncommon set of technical skills and expertise that span several niche subject matter domains. Fortunately, Dragos is anything but common.
Dragos Wrote the Book on ICS/OT Cybersecurity
Those familiar with Dragos often describe its mission as “safeguarding civilization.” Their goal is to help defend the mission critical infrastructure and machinery that provide running water, functioning electricity, operational factories, and safe industrial environments.
Their products include the Dragos Platform, which companies deploy to monitor, detect, and respond to threats. The platform provides a level of near real-time situational awareness and monitoring capabilities unparalleled in the industry today. Although several other players in the OT security space have tried to offer similar products, none have been able to consistently deliver the deep insights and advanced warnings that Dragos has. This unique form of visibility helps organizations prepare for, detect, and respond to potential threats to their operational technology before they become practical problems.
CEO and Founder, Robert M. Lee, is a major heavyweight in the industry. A pioneer in industrial cybersecurity, Rob has been a frequent keynote speaker at global security conferences and has testified before the U.S. Senate Energy and Natural Resources Committee. The team consists of subject matter experts and leaders who are veterans of industrial security and have been involved in the industry since its inception. They’ve investigated, discovered the causes of, and responded to incidents such as the Ukraine 2015 power grid attack. Dragos also analyzed the TRISIS malware responsible for a major petrochemical facility attack in 2017.
With all these advantages, it’s not surprising that Dragos has been phenomenally successful in winning major contracts. Founded in 2016, Dragos has rapidly grown to 217 employees serving more than 160 customers—many of which are Fortune 500 companies. The company is well-positioned for incredible growth across a diversity of industries, including electric, oil & gas, manufacturing, mining, chemicals, and transportation.
How Does Dragos Complement HPE?
HPE Pathfinder believes the performance, credibility, and sales prowess of Dragos can add tremendous value to HPE customers and partners. Dragos’s solutions could help enhance HPE’s offerings, providing better intelligence and faster responses to threats at the network edge where OT and IT often converge. It’s a powerful combination for customers in the oil and gas, automotive, and chemical manufacturing industries.
As IIoT initiatives continue to expand to utilities, energy production, and other massive sectors, the importance of cybersecurity will only continue to grow. Together, HPE Pathfinder and Dragos are committed to making these essential environments safer than ever and helping operators convert their murky OT network maps from “Here Be Dragons” to “Here Be Dragos.”