Top OT Security Vendors You Should Know in 2024

Structured according to the five current NIST CSF functions

While operational technology (OT) has traditionally been separate from information technology (IT), that line is increasingly becoming blurred, resulting in new security challenges for organizations. Thankfully, there are now several OT security vendors who can help you secure your infrastructure. This article walks through the reasons for the OT/IT convergence, the different phases that OT departments go through in securing their connected infrastructure, and a list of OT security vendors that can help your infrastructure stay secure.   

The OT/IT Convergence  

For many, the distinction between OT and IT has historically been stark. Massive machines that were part of industrial control systems (ICS) were purely mechanical, standalone pieces of technology. These contained systems were not networked to anything, and troubleshooting had to be done onsite, often in remote parts of the world. It’s no wonder that OT was completely separated from IT—the technologies were fundamentally different, requiring a different set of skills to operate and troubleshoot.   

The merging of OT and IT began with the ability to network OT devices over the web. The flow of data from these once remote devices delivered a tremendous amount of value to critical infrastructure businesses. They quickly began bringing these once standalone devices online, whether in brownfield projects that networked previously unconnected OT devices or greenfield projects that had OT devices with connectivity directly out of the box.   

Today, OT and IT are not simply converging; the gap between them has altogether collapsed. The connectivity of OT devices presents the opportunity for a bad actor to exploit weaknesses of the device from the outside. With this change come many new cybersecurity challenges for OT departments and a host of new OT security vendors that can help resolve them. But first, OT departments must be made aware that there is a potential threat that must be resolved.

Phases of Securing OT  

With connected OT devices being relatively new, many OT departments go through a phased approach in their journey towards securing their infrastructure. It usually follows this pattern:   

Step 1: OT Security Kickoff   

This first stage is often initiated by the board, executive team, or department leadership as a response to recent cybersecurity failures (such as the SolarWinds hack) or to comply with government or vendor regulations. Whatever the case, the powers that be have declared OT cybersecurity to be a priority, leaving OT personnel scrambling to find the right processes to follow and/or the right OT security vendors to help them do so.   

Step 2: Asset Discovery and Cybersecurity Assessment  

In order to secure OT devices, you must first discover exactly what’s connected to your network. In this phase, the organization looks to document the network topology and all the connected assets that are attached to it. This is often the “eureka moment” when both management and staff realize how many devices are at risk for possible exposure, especially if they have not been updated or patched in a while. Asset discovery often leads to—or is done in tandem with—an OT assessment that looks at the risk exposure of the organization’s people, processes, and devices.

Step 3: Risk Remediation, Process Optimization, and Threat Detection  

Now that the networked devices have been identified and the risk of exposure understood, it’s time to remediate the problems, optimize processes to prevent risks from cropping up again, and ensure that there is proper threat detection. Remember: with connected devices it is not a matter of if your systems will ever be breached; it’s a matter of having the appropriate detection and response when they are compromised.

Top OT Security Vendors You Should Know in 2024  

We have compiled a list of the top 15 OT security vendors we hear about most often on customer calls, and we have grouped them by the current five NIST CSF functions: identify, protect, detect, respond, and recover.

We’re not necessarily endorsing or recommending any of the vendors here, but we do hear about them often and they are vendors that can assist organizations with their cybersecurity journey. That said, an organization must realize that there is indeed no “silver bullet” when it comes to securing OT devices. In fact, a successful strategy typically involves a number of these solutions working together in concert with policies that cover people and processes.

This is where SecurityGate really shines. We are an OT security vendor with a lightweight software-as-a-service (SaaS) platform that is built to quickly assess your organization’s critical infrastructure cybersecurity risks so you can make improvements faster. Our team is made up of OT professionals with a wealth of experience conducting OT security assessments and leading remediation efforts. Our platform design is based on all the challenging experiences we had running OT security for industrial companies, wishing there was an easier, faster way to do it.   

 

Gartner has recognized our effectiveness in the space and included us in their 2021, 2022, and 2023 Market Guides for OT Security Vendors. Check out the details here. 

 

The best part of our platform is that with painless, spreadsheet-free assessments, you can understand your organization’s cyber risk exposure sooner and make improvements across the organization faster. SecurityGate gives you visibility into cybersecurity compliance and maturity efforts across your organization, and in tandem with some of the OT security vendors below, can help you continuously strengthen your company’s operational resilience.  

 

Disclaimer: SecurityGate is neither endorsing nor recommending any of the vendors listed below in this blog post. Some of these vendors have official partnerships of various types with SecurityGate, and some do not.

 

Identify:

 

1. ABB

ABB Ability™ Cyber Security Services enable you to identify and address cyber threats before they harm your business. Their approach makes it easy for you to select the service level that meets your distinct needs. ABB offers most of their products under a service contract to make it easier to protect your production and ensure that your security defenses are working as intended. Their industrial cyber engineers and experts install and service the solutions and, if you want to, maintain them over time. 

2. CrowdStrike 

Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities. Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value.

3. SecurityGate

SecurityGate is an innovative software company that has built the leading SaaS platform to enable cyber teams to secure the world’s critical infrastructure. With SecurityGate’s critical infrastructure expertise, simplified dashboards, and actionable data workflows, asset owners and consultant partners are empowered to collaborate and mature cyber programs faster and easier than traditional manual methods. 

Protect:

 

4. Xage Security

Xage is the first and only zero trust real-world security company. The Xage Fabric accelerates and simplifies the way enterprises and governments secure, manage and transform digital operations across OT, IT, and cloud. Xage solutions include Identity & Access Management for on-site security, zero trust remote access, and data protection, all powered by the Xage Fabric. 

5. Fortinet 

Founded more than 20 years ago in Sunnyvale, California, Fortinet continues to be a driving force in the evolution of cybersecurity and the convergence of networking and security. Securing people, devices, and data everywhere is their mission. To that end, their portfolio of over 50 enterprise-grade products is the largest integrated offering available, delivering proven cybersecurity everywhere you need it. More than 680,000 customers trust Fortinet solutions, which are among the most deployed, most patented, and most validated in the industry.

6. Waterfall Security Solutions

Waterfall Security safeguards the most sensitive and critical infrastructures across a wide range of industries including Power, Oil & Gas, Water Utilities, Rail, Manufacturing, Facilities, and Minting & Metals. Waterfall solutions use an innovative approach that combines unique hardware with dedicated software, providing 100% unbreachable protection while still allowing remote visibility.

Detect:

 

7. Tenable

Tenable OT Security is an industrial security solution that can help identify assets in your OT environment, communicate risk, prioritize action and enable your IT and OT security teams to work better together. With a comprehensive set of security tools and reports, Tenable OT Security provides visibility across IT and OT security operations. 

8. Nozomi Networks

Not only does Nozomi Networks provide asset discovery, network visualization, vulnerability assessment, risk monitoring, and threat detection, but they also supply a central management console that combines OT and IT risk monitoring. Nozomi Networks specializes in the critical infrastructure sector, claiming to secure several of the world’s largest oil and gas, pharma, mining, and utility companies.  

9. Claroty

This industrial cybersecurity system specializes in continuous threat detection and secures remote access solutions for industrial systems. Claroty is a platform that can reveal the assets connected to your network, protect them by looking at critical vulnerabilities, and detect threats in real-time as they attack your network. Additionally, Claroty provides a way for business users to connect securely to industrial networks to help drive organizational innovation.   

Respond: 

 

10. Dragos 

Created by ICS and OT professionals, Dragos offers a platform to visualize, protect and respond to online threats with a mission to “protect the world’s most critical infrastructure and safeguard civilization.” Dragos is also notable for building a partnership with the Department of Energy to create Neighborhood Keeper, a collaboration to assist smaller providers who don’t have the resources to purchase advanced security technologies.  

11. Mandiant 

Mandiant is recognized by enterprises, governments and law enforcement agencies worldwide as the market leader in threat intelligence and expertise gained on the frontlines of cyber security. To make every organization confidently ready for cyber threats, Mandiant scales its intelligence and expertise through the Mandiant Advantage SaaS platform to deliver current intelligence, automation of alert investigation and prioritization and validation of security controls products from a variety of vendors. 

12. IBM

IBM is a leading provider of global hybrid cloud and AI, and consulting expertise. They help clients in more than 175 countries capitalize on insights from their data, streamline business processes, reduce costs and gain the competitive edge in their industries. IBM X-Force Incident Response includes a team of experienced threat hunters, responders and investigators who specialize in incident preparedness, detection, response and recovery. Their goal is to reduce the business impact of a breach and improve resiliency to attacks through planning and testing. 

Recover:

 

13. Verve Industrial 

Verve Industrial Protection has ensured reliable and secure industrial control systems for 25 years. Its principal offering, the Verve Security Center, is a unique, vendor-agnostic OT endpoint management platform that provides IT-OT asset inventory, vulnerability management, and the ability to remediate threats and vulnerabilities from its orchestration platform. Verve’s Design-4-Defense professional services support clients in ensuring their OT environments are designed and operated in a secure manner. 

14. Veeam 

Veeam is renowned for its comprehensive and user-friendly backup solutions, catering primarily to virtualized environments like VMware and Microsoft Hyper-V. Veeam Backup & Replication, one of their flagship products, provides reliable data protection by creating image-based backups and ensuring fast and efficient recovery options. With a focus on simplicity and flexibility, Veeam’s backup solutions are designed to meet the diverse needs of businesses, offering a robust and scalable approach to data management and recovery.

15. Acronis

Acronis offers antivirus, backup, disaster recovery, endpoint protection management solutions, and award-winning AI-based anti-malware and blockchain-based data authentication technologies through service provider and IT professional deployment models. These solutions protect data, applications, and systems in any environment. Acronis was founded in Singapore in 2003 and incorporated in Switzerland in 2008. Over 5.5 million home users and 500,000 companies, including 100% of the Fortune 1,000, trust Acronis.

 

There Is No Single Solution  

With OT cybersecurity, there is no single product that is a cure-all for securing your infrastructure. In fact, that is one of the biggest errors many organizations make when initially putting together their OT cybersecurity budgets: they look for one single solution to solve everything that ails them.

Instead, it is important to realize you need a cybersecurity ecosystem built with many different OT security vendor solutions. You must be able to discover all the assets on your network, quickly assess their relative risk and exposure, provide visibility into the remediation of known issues, optimize future processes to minimize human error, and have highly intelligent threat detection and mitigation services in place.   

If you’re looking to take your OT cyber security program to the next level and need help assessing your critical infrastructure’s current state, SecurityGate is here to help. 

For more information about SecurityGate, subscribe to our weekly newsletter. 

Taylor Petry

Taylor is Marketing Specialist II at SecurityGate. She was named 2021 Cybersecurity PR Professional of the Year by the Cybersecurity Excellence Awards.
