Across the manufacturing, oil/gas, chemical and utilities industries, operational technology (OT) attacks are on the rise. Governments, as well as energy and utility organizations, around the world are sharpening their focus on cybersecurity — and with good reason.

Attacks on critical infrastructures, such as fuel, electricity and drinking water supply, could potentially cause damage far beyond the obvious economic impact.

Incidents like the notorious shutdown of several nuclear centrifuges by Stuxnet malware in 2010; the Shamoon attacks against Gulf state organizations in November 2016 and January 2017; and multiple attacks against Ukrainian energy facilities in 2015 and 2016 are proof that the stakes are higher than ever for companies operating industrial control systems (ICSs).

Growing Threat; Stagnant Response

Despite the high-profile risks, a new IBM Institute of Business Value (IBV) report noted that many companies are still vulnerable today. The study, commissioned by Oxford Economics to understand how organizations protect themselves from OT risks, found that companies spend an average of 7 percent of their IT budgets on deployment and maintenance and only 1 percent on securing infrastructure. This is why governments are mandating more control over these environments through new regulations.

To improve cyber resiliency, security leaders need real-time visibility into their OT environments and assets, as well as cyberthreats, risks and process anomalies.

IBM, in partnership with Nozomi Networks, automates the hard work of taking inventory and visualizing and monitoring ICS tools while delivering the real-time visibility and threat detection organizations need to ensure high cyber resiliency and reliability.

Nozomi Networks QRadar Solution Now Available on IBM X-Force App Exchange

The new Nozomi Networks QRadar solution is now available for download on the IBM X-Force App Exchange. It provides deep visibility into OT networks and assets and real-time monitoring of security threats and risks.

The live streaming app displays events detected by Nozomi Networks SCADAguardian. The dashboard header provides important details at a glance, highlighting the number of events with a magnitude of 7-plus, the most-used protocol and the most-seen event name.

Graphical charts provide details on event source and destination IP, while the most recent events are displayed in a live-streaming list. The dashboard also supports drill-down for deeper event investigation.

Nozomi Networks QRadar app

The Nozomi Networks QRadar app shows important event details captured by SCADAguardian, including the number of OT events with a magnitude of 7-plus, the most-used protocol, event source and destination IP.

Nozomi Networks QRadar app supports drill-down on events by source and destination for fast and easy investigation into what’s going on inside the OT network.

Integrated Cybersecurity Solution on Display at RSA 2018 Asia Pacific & Japan

Nozomi Networks is also collaborating with IBM at the RSA Conference in Singapore in July 2018. Through a pre-conference workshop and an integrated IBM/Nozomi Networks IT/OT cybersecurity demo, RSA attendees will be able to see the solution’s deep industrial network visibility, nonintrusive monitoring, continuous threat detection and intelligent threat hunting capabilities firsthand.

These features include:

• Live demos of IBM QRadar’s integration with Nozomi Networks SCADAguardian: The IBM-certified integration supports utilities, oil/gas, manufacturing and other industrial environments with advanced IT and OT security monitoring capabilities, including easy access to deep network visibility, nonintrusive monitoring, continuous threat detection and intelligent ICS threat hunting.
• Enhanced security services for IT/OT convergence: Attendees will learn how Nozomi Networks and IBM Security services are joining forces to provide best-in-class, value-added IT and OT security solutions.
• Nozomi Networks on the IBM X-Force App Exchange: Nozomi Networks SCADAguardian is now certified by IBM and available via the IBM X-Force App Exchange. The app makes it easy to seamlessly incorporate real-time operational visibility and industrial network monitoring in a comprehensive IT/OT cybersecurity program.
• A one-stop solution adding OT visibility and cybersecurity: QRadar combines Nozomi Networks solutions and IBM’s IT/OT risk-management portfolio for robust automated security assistance.