HOUSTON, TX– JUNE 15, 2021 – SecurityGate.io, the #1 risk management SaaS (Software-as-a-Service) platform for industrial cybersecurity, today announced an integration with Nozomi Networks, the industry leader in OT and IoT security and visibility. The partnership between the two companies enables critical infrastructure organizations to: (1) quickly perform a cybersecurity assessment of their facilities prior to deploying Nozomi Networks hardware, (2) roll up the CVE scores of devices into a single location-level score, and (3) learn how to bring their operations into compliance with standards for personnel, process and technical cybersecurity.
SecurityGate.io’s platform reduces the time needed to perform cybersecurity assessments from weeks to hours, giving industrial companies rapid visibility into their risk posture. From there, Nozomi Networks’ platform performs passive deep-packet inspection of traffic over the OT network. The Nozomi devices determine an array of information, including: which assets are connected to the network, what type of assets they are, which firmware is running on them, which protocol it uses over the network, and which operating system the device is running. That information is used by Nozomi Networks and is cross-checked against the US government’s National Vulnerability Database (NVD) to determine a risk score for each device.
“In an IT environment, most of the devices are communicating with the TCIP protocol. This is vastly different for devices in an OT environment, which communicate over a number of different protocols that are often proprietary to the specific manufacturers,” Chief Product Officer, Cherise Esparza at SecurityGate.io, says. “Through this passive look at network traffic, Nozomi is able to piece together not only the types of devices on the OT network, but also their relative risk of being compromised.”
Nozomi Networks provides a Common Vulnerabilities and Exposure (CVE) score for each of the devices at a granular level. While this level of detail can be beneficial for those OT professionals working on the ground, an executive or leadership team often needs a bigger-picture assessment to make sense of the overarching exposure at a macro-environment level such as a plant or facility.
Through an API integration with Nozomi Networks, the SecurityGate.io platform now can provide a bird’s-eye view by rolling up the device-level CVE scores into an overall score for a particular facility or location. This valuable information provides leadership with a full picture of the risk posture that different facilities have across locations.
While Nozomi Networks leads the market in providing data on technical controls, many compliance frameworks, such as NIST, have 80% or more of their controls focused on personnel and process. Through this partnership, an organization can utilize SecurityGate.io as a platform to document compliance with non-technical controls concerning personnel and process, giving an industrial company full visibility into their overall environment.
“We see great value in the opportunity to contact Nozomi Networks via the API to proactively provide answers to a number of compliance questions automatically,” Cherise says. “Rather than having to pose an assessment question to a worker at a facility, we see a future where our platform can connect directly to a facility’s devices and provide answers to a number of questions around compliance without direct human intervention. This can not only speed up assessments, but also provide real-time insights into whether or not controls are being met. We look forward to working with Nozomi Networks in an effort to bring more value to their customers.”
SecurityGate.io is a Houston-based cybersecurity software company. Their risk management platform helps industrial companies discover cyber risks sooner and make improvements faster. This is done by replacing slow, manual risk management processes with digital automation, agile workflows, and data intelligence.
The company was recently included in Gartner’s 2021 Market Guide for Operational Technology Security and Takepoint Research’s 2021 Buyer’s Guide for Industrial Cybersecurity Technology and Solutions. SecurityGate.io serves customers such as Chevron, Westlake Chemical, Diamond Offshore, and Patterson UTI.