Intelligent CISO Issue 21 | Page 19

The second thing is, due to the political instability, everyone’s ramping up both offensive and defensive capabilities. Because it’s a race out there and we see certain states which have military units that do offensive and defensive ICS cybersecurity, quite publicly as well, they churn out a lot of graduates so that’s something at the forefront of minds.

these networks can be very sensitive, the operators are very wary of any disruptions to the stuff that they’re doing.

Can you give an overview of the kinds of solutions that you’re offering?

We do two things differently. First, all the data and everything we collect is completely passive. We look at the network traffic and based on that we provide full visibility of the infrastructure. You can have no security without visibility. We see the assets on the network, what the network looks like and the industrial process itself.

If we look at OT security 10 to 15 years back, there were a couple of issues. First was cost – it would cost maybe US$500,000, as an example, to secure a plant. Then we have cybersecurity controls, the typical ones that you would see such as signatures, sandboxing, things like behavioural analytics and threat feed intelligence. The other challenge is that devices have to be put inline to the network. And

Usually for us, following the initial approach from a customer, we’ll try to go as quickly as possible and speak to the operators, the guys in the plants or pipeline or airports, or whatever it is, and say: ‘you guys probably don’t want to do cybersecurity, because you have an operation to run.

‘But what if I can help you with asset management, troubleshooting, predictive maintenance, etc.’ So we are able to add that value to the operators. I think we’re in a kind of unique position where we start off as a cybersecurity solution and then the people that are typically less keen on cybersecurity usually become the biggest proponent.
But it’s very straightforward – it’s basically an appliance that sits on the side of the network, looking at a copy of all the network traffic.