Indegy is integrating its Indegy Industrial Cybersecurity Suite with IBM’s QRadar Security Intelligence Platform to bridge the visibility gap between enterprise information technology (IT) environments and industrial, operational technology (OT) environments. Recent attacks such as TRITON, Dragonfly 2.0, and CrashOverride/Industroyer have shown that today’s industrial control systems (ICS), many of which are now connected to enterprise IT systems, are no longer isolated from cyber threats. At the same time, traditional IT security solutions are unable to monitor the specialized systems used in OT environments to identify risks.
The combination of the Indegy Industrial Cybersecurity Suite and IBM QRadar is said to provide the deep visibility, security, and control required to close the blind spot between enterprise IT and industrial ICS networks. The cybersecurity suite parses OT events that it gathers and converts them to a standard taxonomy format that can be displayed through the QRadar interface. As threats are evolving faster than ever, collaborative development amongst the security community will help organizations adapt quickly and speed innovation in the fight against cybercrime.
Indegy’s Industrial Cybersecurity Suite is purpose-built to provide real-time situational awareness and visibility into ICS networks. It combines behavioral anomaly detection with policy-based rules for comprehensive threat detection and mitigation, and unique visibility into the asset inventory. Industrial facilities including critical infrastructures, utilities, water, energy, pharmaceutical and manufacturing organizations use Indegy to automate operational oversight processes, identify human errors such as misconfigurations and failed maintenance, and protect against malware, cyber attacks, and insider threats.
IBM’s QRadar Security Intelligence Platform integrates security information and event management (SIEM), log management, anomaly detection, network analysis, user behavior analytics and vulnerability management to analyze data in real time across an organization’s enterprise IT infrastructure to detect and prioritize potential security threats. The combined Indegy-IBM solution provides joint users with:
- Visibility across IT and OT environments
- Behavioral and advanced heuristics
- Policy-based controls
- Identification of vulnerabilities
- Complete and real-time device inventory
- Asset tracking
- Proactive security and compliance reporting