This week we welcome guest authors: Tripwire's Gary DiFazio and Claroty's Katherine Brocklehurst.
The world is constantly innovating to increase visibility and reduce blind spots: radar lets boats navigate in extreme fog, night-vision goggles give soldiers the ability to operate at night, and radiology enables doctors to diagnose patients more accurately.
In the spirit of reducing blind spots, Claroty and Tripwire have come together to give industrial control operators who manage mission critical operational technology networks, the situational awareness and visibility into conditions that could detrimentally impact the safety and productivity of industrial control processes.
Do you have the visibility you need to be able to know when a condition could negatively impact your process?
We’ve all been there - something impacts production and the first question on the plant floor is – “what changed?” Simply put, despite our best efforts and good processes, there are blind spots that can impact operations and profits. One plant manager put it this way: “I’m not that concerned about hackers per se, but my own guys or one of our vendors change something without us knowing? I just don’t have the visibility - that is my biggest problem.”
These blind spots are becoming more pronounced as the rate of connectivity within industrial environments is growing exponentially. Unfortunately, more and more industrial control systems and field I/O devices are getting connected to networks that also have many exploitable vulnerabilities as part of their architecture. Many organizations we talk to have admitted to these blind spots:
Whether corporate IT or plant-side operational technology (OT), if we are able to remove or minimize blind spots as outlined above, we can increase the ability to keep our industrial processes running without sacrificing safety, quality or productivity. This is where cyber security best practices can help control operators. The more telemetry we gather about the cyber security state of our devices, the more we can predict, pinpoint and recover from events that may impact our process.
Claroty and Tripwire are offering industrial cyber security integrated solutions to give ”shop-floor-to-top-floor” visibility into conditions and situational awareness that could detrimentally impact the safety and productivity of industrial control processes.
Working together, the two companies’ cyber security solutions can take raw data and turn it into meaningful and actionable information to preserve and protect both plant operations and corporate IT. Both companies elevate the concern of negatively impacting productivity from industrial control operators as their solutions harvest raw data in proven, non-impacting ways, whether it is by actively querying devices via native industrial protocols, passively dissecting network traffic of 42+ and growing flavors of industrial protocols or analyzing device raw-log information. Both companies make all of the above blind spots go away as each provides visibility into different areas of the industrial control environment from dissecting every network packet or analyzing how devices are configured.
Tripwire is now offering Tripwire Industrial Visibility, which integrates Claroty’s Continuous Threat Detection with Tripwire Log Center. If you’re an existing Tripwire customer this solution can be procured through an existing vendor relationship, which can speed deployment.
Below is a sample weekly trending report showing visibility into firmware downloads, controller mode changes and controller configuration changes.
No organization should have to operate without the visibility and protection of combined solutions from Claroty & Tripwire. Whether early detection of network traversal or insight into device operational state and configuration, this partnership provides complete visibility for industrial and critical infrastructure organizations for safe and predictable organizational operations “shop floor-to-top floor.”