Nozomi Networks, the pioneer in cybersecurity and operational visibility for industrial control systems (ICS), today announced the latest release of SCADAguardian, making it faster and easier for cybersecurity engineers and plant operators to guard against cybersecurity attacks, monitor processes and manage ICS environments.
Last year, 295 critical infrastructure attacks were reported to the United States Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) division of the US Department of Homeland Security, according to its annual report. Concerns about ICS vulnerabilities and incidents have continued to grow in the last few years as ICS security incidents have increased from only a few each year to an incident every day.
“In the United States and globally the security of systems that control electric power, water, and oil & gas are at risk and need the most advanced technologies possible to protect operations from disruption,” said 451 Research Director Christian Renaud. “Nozomi’s SCADAguardian solution helps address a key customer concern in the deployment of IoT in critical infrastructure.”
Launched in 2013, Nozomi Networks was the first to successfully apply advanced machine learning and behavior detection to ICS networks. Today its flagship offering, SCADAguardian, monitors more than 50,000 industrial devices in dozens of multinational customer sites spanning oil & gas, electric utilities, manufacturing and transportation. That includes Enel, a multinational energy company and one of the world’s leading integrated electricity and gas operators. (Read Enel’s story here.)
SCADAguardian delivers critical ICS Security and Operational advantages:
SCADAguardian allows users to rapidly detect cyber incidents and process anomalies. Nozomi Networks bridges the science of automation, machine learning and network behavior analytics with ICS cybersecurity for deep detection of ICS risks and rapid prevention or mitigation of impacts. SCADAguardian’s Time Machine capabilities provide network and process snapshots to support forensic investigations and compliance reporting. It also provides automation capabilities to help with response and remediation. SCADAguardian supports zero-day detection, integration with firewalls and SIEMs, ICS incident alerting and notification, and end-to-end detection of attack activities, from reconnaissance to command-and-control to malicious actions.
SCADAguardian allows users to monitor processes with real-time insights. It supports real-time process monitoring and baselining with high granularity. Non-intrusive real-time mapping, monitoring and visualization provide immediate insights for faster troubleshooting and remediation of IT and operational issues without impacting industrial processes.
The latest release of SCADAguardian is available now from Nozomi Networks and includes the following enhancements:
Incident Management automatically aggregates multiple alerts and messages into incidents, using intelligent correlation heuristics. Instead of receiving multiple alerts that need to be associated to their logical cause, SCADAguardian groups those alerts by incident, providing an explanation of the cause, and making it more actionable for the operator. Operators can easily manage their networks at a level that makes the most sense.
Customizable Portable Dashboards simplify and streamline the standardization of corporate policy, security monitoring, and operational reporting across plants, entities, and even industries. Not only can industrial operators share and standardize dashboards between their plants, system integrators and resellers can also incorporate SCADAguardian’s dashboards into the compliance or operational services they sell.
Time Machine allows operators to compare a complete model of their plant and process at two different times in order to understand and visualize changes in the ICS environment with the highest possible context and granularity. This functionality is now fully integrated and seamlessly available throughout SCADAguardian to improve analysis and remediation of alerts and incidents. For example, Time Machine allows operators to view their control system before and after a security alert, with full process details that facilitate a faster and more accurate response.
Performance Optimization delivers a 20x improvement in response times, giving customers instantaneous answers to complex ad-hoc queries and assertions, along with compliance checks against NIST or NERC that are now continuous and in real time.
“Cybersecurity for ICS has a reputation for being difficult and ineffective,” said Nozomi Founder and Chief Product Officer Andrea Carcano. “Applying my 6 years of research and my experience in Industrial SecOps, we have implemented a revolutionary new approach that is process-centric and customers are adopting.”
In a separate release today the company also announced series A funding and expansions to its executive management team. Read the full release here.
About Nozomi Networks
Nozomi Networks has been delivering innovative cybersecurity and operational visibility solutions for industrial control systems (ICS) since 2013. Its next generation solution automatically builds an internal model of the industrial network and physical process and uses behavioral analytics and continuous monitoring to detect changes to baseline states. The result is real-time insight into ICS networks, devices and process status, rapidly identifying and enabling fast remediation of cyberattacks and process anomalies. Deployed in some of the world’s largest industrial installations, operators trust Nozomi Networks products to enhance cybersecurity, maximize uptime and deliver real ROI. The company is headquartered in Menlo Park, California, and Mendrisio, Switzerland. Visit www.nozominetworks.com.