9 Accomplished ICS Cybersecurity Companies That Can Protect Your Industrial Operations from Attacks

Critical infrastructure is considered “critical” for good reason. Without a continuous energy supply and unhindered railway transportation, you wouldn’t be able to drive your car, and your grocery store shelves would be empty. In other words, societies would crumble fast. This overwhelming sense of doom gives threat actors strong leverage for extortion, making Industrial Control Systems (ICSs) a prime target. Attacks on industrial sectors saw a 140% increase in 2022, signaling a new frontier in the cybersecurity fight. To help protect your organization from falling victim to an attack, here are nine companies at the leading edge of ICS cybersecurity services.

Table of Contents

  1. Palo Alto
  2. Fortinet
  3. ABB
  4. Dragos
  5. OTORIO
  6. Rapid7
  7. SCADAfence
  8. Siemens
  9. Trend Micro

1. Palo Alto

Palo Alto Networks provides Information Technology (IT) and Operational Technology (OT) cybersecurity services to a wide range of government, enterprise, and service vendors. In addition to the usual industrial sectors, the company recently signed a multiyear partnership contract with the U.S. Department of Defense (DoD) to equip it with the company’s Internet Operations Management (IOM) capabilities, including the industry's leading attack surface management solution, Cortex Xpanse. This is an important aspect of the company’s implementation strategy, as defense is set to become a major area of OT cybersecurity spending.

Palo Alto Networks provides a host of cutting-edge Next-Generation Firewalls (NGFWs) that can be deployed to secure industrial networks. The PA-220R firewall is specifically tailored to harsh industrial environments. Its key features include Machine Learning (ML) deployed in the core of the firewall to provide inline, signatureless prevention of file-based attacks, while identifying and immediately stopping new phishing attempts. Palo Alto’s firewalls can enforce security for users at any location and on any device, while adapting policy based on user activity. They perform both stateful inspection and deep packet inspection (Layer 7), and can be deployed for access control.

2. Fortinet

Headquartered in Sunnyvale, California, Fortinet is a major provider of NGFWs and network security solutions. The vendor provides network security appliances that include firewalls, security gateways, and complementary products such as cellular gateways that can scale the WAN edge. The company has a broad footprint in the industrial and OT cybersecurity market and is rapidly expanding its already large global customer base. Fortinet’s FGR-60F and FGR-70F rugged industrial firewalls also come in 3G/4G modem and GPS variants, while also supporting multiple GE RJ45 ports, 2 SFP slots, and 1 bypass pair. The inclusion of cellular modem connectivity is a major strength of the series and a solution for dispersed industries in harsh climates.

In addition to appliances that keep the ICS environment safe, the FortiGuard Industrial Security Service provides network protection and filtering of malicious and unauthorized network traffic in Operational Technology (OT) environments. Combined with NGFWs, the service blocks malicious network traffic in industrial plants. The service also protects OT devices such as Programmable Logic Controllers (PLCs), Remote Terminal Units (RTUs), and Human-Machine Interfaces (HMIs).


3. ABB

ABB is a Swiss-based industrial manufacturer offering ICS security solutions and automation technologies like PLCs and HMIs. Due to its significant resources, ABB is one of the few companies offering both software and hardware solutions to prevent ICS cyberattacks. The extensive lineup of the ABB Ability Cyber Security portfolio includes several risk assessment solutions, as well as industrial control systems security offerings like:

  • Malware protection
  • Security updates
  • Backup and recovery
  • Asset inventory
  • Security analytics
  • Application allowlisting

4. Dragos

Monitoring 70% of the U.S. electric grid, Dragos is a major player in curbing the cyberthreat posed by malicious actors, especially in the face of the increased prevalence of state-on-state attacks targeting critical infrastructure. Partnering with Dragos means enterprises can expect to gain ICS security solutions such as industrial asset ID, threat detection, and intelligence.

A key focus of Dragos’ Operational Technology (OT) security platform is offering a variety of cybersecurity “playbooks” that tailor your ICS security apparatus to emerging threats, regulations, and specifications. These tools and resources are helpful for the many ICS cybersecurity professionals who are more Information Technology (IT)-savvy, and less experienced with protecting OT environments.

5. OTORIO

Israel-based cybersecurity vendor OTORIO helps secure ICS environments through extensive network evaluation and simulation methods. Using OTORIO’s ICS security platform, enterprises will gain a comprehensive overview of all the vulnerabilities and potential exposure points within the industrial control system. The platform will notify you of any issues, such as misconfigurations, networking bottlenecks, or segmentation gaps.

OTORIO takes things even further with the deployment of a cyber digital twin. The cyber digital twin creates a sandbox environment in which users can simulate attack scenarios on their critical infrastructure. OTORIO’s platform provides key recommendations after assessing the criticality of assets and the feasibility of a breach. Support for on-demand assessments, supply chain evaluation, and regulation compliance are also key benefits of leveraging the data-driven digital twin that OTORIO provides.

6. Rapid7

Customers of Rapid7’s ICS security solutions can detect and respond to endpoint threats and pinpoint cyber-risky behavior with the company’s Endpoint Detection and Response (EDR) and User and Entity Behavior Analytics (UEBA) offerings. Deploying Rapid7’s InsightVM solution allows you to identify and prioritize security threats that reside within Supervisory Control and Data Acquisition (SCADA) and ICS systems. InsightVM also helps ensure that your organization complies with International Electrotechnical Commission (IEC) 62443 regulations.

Other solutions that Rapid7 offers to address ICS cyber risks include its Security Information and Event Management (SIEM) platform and the Rapid7 Metasploit penetration testing tool. The former is a cloud-based solution that detects IT-OT threats, while the latter tests your ICS defense systems and protocols through attack simulation.

7. SCADAfence

SCADAfence protects ICS and SCADA networks through real-time monitoring of industrial environments and by providing lightweight tools that automate the security assessment process. The company’s security software platform, SCADAfence OT Remote Access, enables security teams to have full visibility into remote access connections. This solution is essential in detecting unusual user activity across the ICS/SCADA environment in a world where work-from-home policies are widespread. Customers of SCADAfence will also appreciate the software training and managed services that the company provides.

8. Siemens

Siemens is far removed from the days when its ICS equipment was vulnerable to cyberattacks, as evidenced by the Stuxnet computer worm attack on Iran’s nuclear facilities back in 2010. Legacy industrial equipment and systems from Siemens were so focused on operational efficiency that they lacked robust cybersecurity solutions. Today, Siemens’ industrial products are designed with cybersecurity as a top priority.

Through interviews with Siemens, our analysts have learned that the German company bakes encryption and webserver disconnection capabilities into its newer PLCs. Moreover, industrial customers can expect Siemens’ consultants to assist them in implementing firewalls, unidirectional gateway solutions, and segmentation in the OT environment. Siemens’ team factors in your organization’s specific ICS challenges and requirements to design custom cybersecurity strategies.

9. Trend Micro

Japanese cybersecurity company Trend Micro offers ICS security solutions in two forms: Edge Series and Stellar.

Edge Series lets industrial factory operators defend their assets at a network level to secure legacy endpoints that cannot be patched. This solution eradicates the need to reconfigure network assets, so industrial operations can continue uninterrupted.

Stellar is Trend Micro’s industrial endpoint security solution, consisting of an agent working 1-to-1 with assets and a centralized management console streamlining their use. Trend Micro boasts about being the first vendor to offer a solution that provides seamless protection with complete oversight for legacy and modernized assets running side by side. Moreover, Stellar can detect abnormal behavior in the ICS environment and then quickly gauge whether operations are compromised via an extensive library of ICS applications and certificates. Finally, Trend Micro lets users shut down legacy systems with trust lists, meaning only approved, role-specific tasks can be conducted by network endpoints.

Conclusion

These ICS cybersecurity companies are perhaps the unsung heroes of the modern world. Yes, they are in the business of making money, but that doesn’t take away from the fact that they are essential in protecting our critical infrastructure. When U.S. railroad workers threatened to go on strike last year, an industry report projected a more than US$2 billion cost per day if the shutdown were to go forward. While that was due to a union strike, similar economic damage can be expected in the event of a mass-scale cyberattack on the railway network. The same warning applies to oil & gas, manufacturing, agriculture, and other sectors that our societies often take for granted.

While there are clear overlaps between many of these ICS security vendors, there are also plenty of differences between their solutions that might make one brand a better fit for your organization. For example, your industrial operations may still use many legacy systems, requiring firewalls and unidirectional gateways. Or perhaps you want to partner with a cybersecurity vendor with extensive experience in your field that will help you comply with local ICS security regulations. The crucial point is to choose the vendor that best aligns with your existing ICS environment and meets the specific challenges your OT-IT teams are experiencing.
