Radiflow, a provider of cybersecurity solutions for industrial automation networks, announces that the company releases a new version of its iSID industrial threat detection solution.
In this new version, iSID analyses the OT network and maps the operational business processes of the industrial facility. All business processes on the OT network are then graphically displayed, while each network-connected asset now includes the details of the business processes that each is connected to within the asset inventory maintained by iSID.
Detecting potential attack paths
iSID would calculate a risk score based on the increased attack surface and potential damage
The iSID operator can then use this information to rank the business processes according to their critical impact and adjust the risk scoring, resulting in a business-driven prioritisation of the risk mitigations. In addition, Radiflow has added a framework for delivering on-going insight and actionable recommendations for reducing the risks on the OT network. For each identified risk, iSID calculates a risk score based a set of best practices for OT cyber security defined by Radiflow.
Each identified risk also includes a description of its potential impact on operational business processes and recommendations for mitigation. For example, upon detecting potential attack paths to and access vectors on the OT network, iSID would calculate a risk score based on the increased attack surface and potential damage, and then provide the user with recommendations for threat mitigation measures.
Maintaining and improving performance
The research and advisory company Gartner recommends in its July 2019 Hype Cycle for Managing Operational Technology, 2019 (available to subscribers) that “security and risk managers should map OT leading performance indicators against IT/OT leading risk indicators to write security policies consistent with maintaining and improving performance”.
These new risk analysis capabilities are part of our overall product strategy"
“These new risk analysis capabilities are part of our overall product strategy to deliver our customers with the intuitive tools to manage their risks in a business-driven manner, which we believe are aligned with Gartner’s recently published recommendations to security and risk managers,” said Michael Langer, Chief Product Officer at Radiflow. “It is also important to highlight that these new capabilities are a direct extension of the Dynamic Vulnerability Scoring for OT assets included in our previous release of iSID.”
Industrial enterprise customers
“By mapping business processes and prioritising OT risks according business impact, industrial enterprises can address the most important vulnerabilities first in order to reduce the potential for business interruptions, which are critical for factories, manufacturers and similar industrial enterprises, especially in the private sector,” further explained Langer.
These new additions to the iSID solution can be leveraged by Radiflow’s OT MSSP partners to offer on-going OT risk analysis and mediation services to their industrial enterprise customers. Radiflow is scheduling demonstrations of this new version of its iSID solution on its web site.
