Today we announced an extension of our partnership with 1898 & Co, which revolves around our common solutions framework. While I’m personally excited about the solution strategy, automation workshops, and consulting services that our joint framework enables, I want to explain why we started this joint venture.
OT cybersecurity challenges
No modern industry is immune to operational, technological, process and security challenges that require an automated solution. As operational technology (OT) and information technology (IT) environments continue to converge, businesses in industrial sectors such as energy, utilities and manufacturing will be increasingly challenged. These entities will have to overcome obstacles such as:
The high volume of manual labor
Analyst burnout and difficulty hiring qualified talent
Increased growth in surfaces and infrastructures
Interruption of activities due to violations
Ever-increasing compliance requirements
Lack of documented processes
The list keeps growing. It’s intimidating.
We launched the Medley Global Partner Program as a way to team up with partners like Nexum, Elastic, Recorded Future – and now 1898 & Co. – to deliver joint customer-centric solutions that deliver value to our joint customers. An independent electricity transmission company achieved several results working with Swimlane and 1898 & Co.:
Scalable and secure deployments compliant with NERC CIP requirements
Save 45 minutes per Indicator of Compromise (IOC) investigation
Secure asset management for the energy network
The rise of SOC and SOAR investments for OT environments
After reaching out to the team at 1898 & Co. led by Global Managing Director of Security and Risk Consulting, Matt Morris, we realized that these valuable needs and results are not limited to individual clients. Rather, these needs transcend all businesses operating in an OT environment. This observation is further validated by the SANS 2021 OT/ICS Cybersecurity Report, which found that investing in a security operations center (SOC) for OT control systems (37%) and security orchestration automation and response (SOAR) (33%) were the top two investment priorities for surveyed companies over the next 18 months.
“Critical infrastructure organizations face increasing threats to their IT and OT environments, making it difficult for even the most skilled analysts to detect and respond to threats in a timely manner,” Morris said. “Investing in a SOAR platform will help these companies maximize and streamline the productivity of existing security tools and staff through the power of low-code automation. By implementing Swimlane’s SOAR approach, operators can truly accelerate their SOC and give analysts the tools to maximize efficiency and increase reach and coverage to more comprehensively address key threats.”
Top Cybersecurity Threats and Requirements Leaders Are Addressing
The driving factors behind investing in SOCs for OT and SOAR environments were the need to maintain ongoing compliance and prevent breaches. From a compliance perspective, most companies that operate an OT environment map their control systems to the NIST Cyber Security Framework, with the NERC CIP and MITRE ATT&CK ICS frameworks also common. According to the SANS survey, the top five vectors threatening OT environments include ransomware (54.7%), nation-state cyberattacks (43.1%), new vulnerable devices added to the network (31.3%), non-state cyberattacks, including criminal attacks, terrorism and hacktivism (27.9%), and the integration of IT into control networks (26.3%).
Looking ahead: Predictions for the future of OT cybersecurity
After absorbing all of this, I sat down with the team at 1898 & Co. and we identified 3 major OT cybersecurity trends that are expected to continue to become more prevalent over the next three to five years.
OT and IT will completely converge
As businesses demand that these technologies become more integrated, the need for real-time detection and response will be paramount. As this convergence occurs, the global skills shortage will become more significant. There is a huge lack of candidates who have mixed IT and OT experience. Proper use of the security automation architecture will be essential to enable this convergence.
Ransomware and Nation State Threats Will Continue to Rise
Security experts have known this for some time, but it is now becoming clear that the way we think about war has changed. Companies managing critical infrastructure such as grid energy, water, healthcare and essential manufacturing need expertise and technology to help reduce the impact and downtime associated with this risk.
As the electrical grid evolves to accommodate advances in technology related to how we generate, transmit and distribute electricity, operational technology security will take center stage. The expansion of digital devices and grid modernization bring many benefits, such as smarter and more resilient power systems that can reduce the frequency and duration of power outages, but they also require constant monitoring and secure response processes. As network modernization intensifies, the requirement for automated actions will be paramount.
Low-code security automation for OT environments
Together, Swimlane and 1898 & Co. are delivering solutions to these existing and emerging challenges through our new Joint Solutions Framework. Swimlane’s low-code security automation solution offers a labor multiplier to add power to SOC teams in an OT environment. With the help of 1898 & Co. to develop processes conducive to automation, companies in OT environments are able to multiply their resources by 10 times.
*** This is a syndicated blog from the Security Bloggers Network of Swimlane (en-US) written by Mike Kay. Read the original post at: https://swimlane.com/blog/1898-swimlane-partnership-secures-critical-infrastructure-companies/