July 12, 2018 By Kim Legelis
Philip Routley
3 min read

Across the manufacturing, oil/gas, chemical and utilities industries, operational technology (OT) attacks are on the rise. Governments, as well as energy and utility organizations, around the world are sharpening their focus on cybersecurity — and with good reason.

Attacks on critical infrastructures, such as fuel, electricity and drinking water supply, could potentially cause damage far beyond the obvious economic impact.

Incidents like the notorious shutdown of several nuclear centrifuges by Stuxnet malware in 2010; the Shamoon attacks against Gulf state organizations in November 2016 and January 2017; and multiple attacks against Ukrainian energy facilities in 2015 and 2016 are proof that the stakes are higher than ever for companies operating industrial control systems (ICSs).

Growing Threat; Stagnant Response

Despite the high-profile risks, a new IBM Institute of Business Value (IBV) report noted that many companies are still vulnerable today. The study, commissioned by Oxford Economics to understand how organizations protect themselves from OT risks, found that companies spend an average of 7 percent of their IT budgets on deployment and maintenance and only 1 percent on securing infrastructure. This is why governments are mandating more control over these environments through new regulations.

To improve cyber resiliency, security leaders need real-time visibility into their OT environments and assets, as well as cyberthreats, risks and process anomalies.

IBM, in partnership with Nozomi Networks, automates the hard work of taking inventory and visualizing and monitoring ICS tools while delivering the real-time visibility and threat detection organizations need to ensure high cyber resiliency and reliability.

Nozomi Networks QRadar Solution Now Available on IBM X-Force App Exchange

The new Nozomi Networks QRadar solution is now available for download on the IBM X-Force App Exchange. It provides deep visibility into OT networks and assets and real-time monitoring of security threats and risks.

The live streaming app displays events detected by Nozomi Networks SCADAguardian. The dashboard header provides important details at a glance, highlighting the number of events with a magnitude of 7-plus, the most-used protocol and the most-seen event name.

Graphical charts provide details on event source and destination IP, while the most recent events are displayed in a live-streaming list. The dashboard also supports drill-down for deeper event investigation.

Nozomi Networks QRadar app

The Nozomi Networks QRadar app shows important event details captured by SCADAguardian, including the number of OT events with a magnitude of 7-plus, the most-used protocol, event source and destination IP.

Nozomi Networks QRadar app supports drill-down on events by source and destination for fast and easy investigation into what’s going on inside the OT network.

Integrated Cybersecurity Solution on Display at RSA 2018 Asia Pacific & Japan

Nozomi Networks is also collaborating with IBM at the RSA Conference in Singapore in July 2018. Through a pre-conference workshop and an integrated IBM/Nozomi Networks IT/OT cybersecurity demo, RSA attendees will be able to see the solution’s deep industrial network visibility, nonintrusive monitoring, continuous threat detection and intelligent threat hunting capabilities firsthand.

These features include:

  • Live demos of IBM QRadar’s integration with Nozomi Networks SCADAguardian: The IBM-certified integration supports utilities, oil/gas, manufacturing and other industrial environments with advanced IT and OT security monitoring capabilities, including easy access to deep network visibility, nonintrusive monitoring, continuous threat detection and intelligent ICS threat hunting.
  • Enhanced security services for IT/OT convergence: Attendees will learn how Nozomi Networks and IBM Security services are joining forces to provide best-in-class, value-added IT and OT security solutions.
  • Nozomi Networks on the IBM X-Force App Exchange: Nozomi Networks SCADAguardian is now certified by IBM and available via the IBM X-Force App Exchange. The app makes it easy to seamlessly incorporate real-time operational visibility and industrial network monitoring in a comprehensive IT/OT cybersecurity program.
  • A one-stop solution adding OT visibility and cybersecurity: QRadar combines Nozomi Networks solutions and IBM’s IT/OT risk-management portfolio for robust automated security assistance.

More from

Airplane cybersecurity: Past, present, future

4 min read - With most aviation processes now digitized, airlines and the aviation industry as a whole must prioritize cybersecurity. If a cyber criminal launches an attack that affects a system involved in aviation — either an airline’s system or a third-party vendor — the entire process, from safety to passenger comfort, may be impacted.To improve security in the aviation industry, the FAA recently proposed new rules to tighten cybersecurity on airplanes. These rules would “protect the equipment, systems and networks of transport…

Protecting your digital assets from non-human identity attacks

4 min read - Untethered data accessibility and workflow automation are now foundational elements of most digital infrastructures. With the right applications and protocols in place, businesses no longer need to feel restricted by their lack of manpower or technical capabilities — machines are now filling those gaps.The use of non-human identities (NHIs) to power business-critical applications — especially those used in cloud computing environments or when facilitating service-to-service connections — has opened the doors for seamless operational efficiency. Unfortunately, these doors aren’t the…

Communication platforms play a major role in data breach risks

4 min read - Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools.When it comes to cybersecurity, communicating means more than just talking to another person; it includes any activity where you are transferring data from one point online to another. Companies use a wide range of different types of tools to communicate, including email,…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today