Across the manufacturing, oil/gas, chemical and utilities industries, operational technology (OT) attacks are on the rise. Governments, as well as energy and utility organizations, around the world are sharpening their focus on cybersecurity — and with good reason.

Attacks on critical infrastructures, such as fuel, electricity and drinking water supply, could potentially cause damage far beyond the obvious economic impact.

Incidents like the notorious shutdown of several nuclear centrifuges by Stuxnet malware in 2010; the Shamoon attacks against Gulf state organizations in November 2016 and January 2017; and multiple attacks against Ukrainian energy facilities in 2015 and 2016 are proof that the stakes are higher than ever for companies operating industrial control systems (ICSs).

Growing Threat; Stagnant Response

Despite the high-profile risks, a new IBM Institute of Business Value (IBV) report noted that many companies are still vulnerable today. The study, commissioned by Oxford Economics to understand how organizations protect themselves from OT risks, found that companies spend an average of 7 percent of their IT budgets on deployment and maintenance and only 1 percent on securing infrastructure. This is why governments are mandating more control over these environments through new regulations.

To improve cyber resiliency, security leaders need real-time visibility into their OT environments and assets, as well as cyberthreats, risks and process anomalies.

IBM, in partnership with Nozomi Networks, automates the hard work of taking inventory and visualizing and monitoring ICS tools while delivering the real-time visibility and threat detection organizations need to ensure high cyber resiliency and reliability.

Nozomi Networks QRadar Solution Now Available on IBM X-Force App Exchange

The new Nozomi Networks QRadar solution is now available for download on the IBM X-Force App Exchange. It provides deep visibility into OT networks and assets and real-time monitoring of security threats and risks.

The live streaming app displays events detected by Nozomi Networks SCADAguardian. The dashboard header provides important details at a glance, highlighting the number of events with a magnitude of 7-plus, the most-used protocol and the most-seen event name.

Graphical charts provide details on event source and destination IP, while the most recent events are displayed in a live-streaming list. The dashboard also supports drill-down for deeper event investigation.

Nozomi Networks QRadar app

The Nozomi Networks QRadar app shows important event details captured by SCADAguardian, including the number of OT events with a magnitude of 7-plus, the most-used protocol, event source and destination IP.

Nozomi Networks QRadar app supports drill-down on events by source and destination for fast and easy investigation into what’s going on inside the OT network.

Integrated Cybersecurity Solution on Display at RSA 2018 Asia Pacific & Japan

Nozomi Networks is also collaborating with IBM at the RSA Conference in Singapore in July 2018. Through a pre-conference workshop and an integrated IBM/Nozomi Networks IT/OT cybersecurity demo, RSA attendees will be able to see the solution’s deep industrial network visibility, nonintrusive monitoring, continuous threat detection and intelligent threat hunting capabilities firsthand.

These features include:

  • Live demos of IBM QRadar’s integration with Nozomi Networks SCADAguardian: The IBM-certified integration supports utilities, oil/gas, manufacturing and other industrial environments with advanced IT and OT security monitoring capabilities, including easy access to deep network visibility, nonintrusive monitoring, continuous threat detection and intelligent ICS threat hunting.
  • Enhanced security services for IT/OT convergence: Attendees will learn how Nozomi Networks and IBM Security services are joining forces to provide best-in-class, value-added IT and OT security solutions.
  • Nozomi Networks on the IBM X-Force App Exchange: Nozomi Networks SCADAguardian is now certified by IBM and available via the IBM X-Force App Exchange. The app makes it easy to seamlessly incorporate real-time operational visibility and industrial network monitoring in a comprehensive IT/OT cybersecurity program.
  • A one-stop solution adding OT visibility and cybersecurity: QRadar combines Nozomi Networks solutions and IBM’s IT/OT risk-management portfolio for robust automated security assistance.

More from

New Attack Targets Online Customer Service Channels

An unknown attacker group is targeting customer service agents at gambling and gaming companies with a new malware effort. Known as IceBreaker, the code is capable of stealing passwords and cookies, exfiltrating files, taking screenshots and running custom VBS scripts. While these are fairly standard functions, what sets IceBreaker apart is its infection vector. Malicious actors are leveraging the helpful nature of customer service agents to deliver their payload and drive the infection process. Here’s a look at how IceBreaker…

Operational Technology: The evolving threats that might shift regulatory policy

Listen to this podcast on Apple Podcasts, Spotify or wherever you find your favorite audio content. Attacks on Operational Technology (OT) and Industrial Control Systems (ICS) grabbed the headlines more often in 2022 — a direct result of Russia’s invasion of Ukraine sparking a growing willingness on behalf of criminals to target the ICS of critical infrastructure. Conversations about what could happen if these kinds of systems were compromised were once relegated to “what ifs” and disaster movie scripts. But those days are…

Cybersecurity 101: What is Attack Surface Management?

There were over 4,100 publicly disclosed data breaches in 2022, exposing about 22 billion records. Criminals can use stolen data for identity theft, financial fraud or to launch ransomware attacks. While these threats loom large on the horizon, attack surface management (ASM) seeks to combat them. ASM is a cybersecurity approach that continuously monitors an organization’s IT infrastructure to identify and remediate potential points of attack. Here’s how it can give your organization an edge. Understanding Attack Surface Management Here…

Six Ways to Secure Your Organization on a Smaller Budget

My LinkedIn feed has been filled with connections announcing they have been laid off and are looking for work. While it seems that no industry has been spared from uncertainty, my feed suggests tech has been hit the hardest. Headlines confirm my anecdotal experience. Many companies must now protect their systems from more sophisticated threats with fewer resources — both human and technical. Cobalt’s 2022 The State of Pentesting Report found that 90% of short-staffed teams are struggling to monitor…