Operational technology

Tenable, the cyber exposure company, and Siemens have announced a strategic partnership to help energy, utilities and oil and gas companies close the industry readiness gap with a new solution for industrial asset discovery and vulnerability management. At a time when the risk of cyberattacks against critical infrastructure has grown exponentially, the two companies have teamed up to launch “Industrial Security” from Tenable, which Siemens is delivering as a service to help companies secure and protect their critical Operational Technology assets.

The partnership can help organisations address the challenge of not knowing where they are at greatest risk says a release.

It is said that the customers will gain a better understanding of where their Operational Technology (OT) assets may be vulnerable.

“Organisations running operational technology face a foundational security challenge – the need to understand the entirety of their cyber exposure in the context of a modern attack surface that is constantly evolving,” said Amit Yoran, CEO of Tenable.

“We’ve seen the rise of cloud, mobile and IoT and now the convergence of IT with OT, which have made critical systems vulnerable to increasingly aggressive adversaries and attacks. ...together we provide a way for organisations to monitor and address their attack surface in totality, so they can see where they are vulnerable and protect those systems -- and the people who depend on them -- from threats.”

The stakes have never been higher when it comes to cybersecurity for critical infrastructure. The number of cyberattacks worldwide continues to grow, with OT becoming a growing target, now comprising 30 percent of all cyberattacks, with a major impact on productivity, uptime, efficiency and safety, according to recent research conducted by Ponemon Institute on the state of cybersecurity in the U.S. oil and gas industry.

The deployment of cybersecurity measures isn’t keeping pace with the growth of digitalisation in oil and gas operations and the inability to accurately understand and represent cyber risk at any given time creates a massive cyber exposure gap.

“Cyberattacks against the O&G and utilities sector are on the rise and growing more sophisticated and aggressive by the day. Passive monitoring of all assets in these systems is critical to detecting and addressing vulnerabilities before they can be exploited and lead to disruption of essential public services like electricity, gas, and water,” said Leo Simonovich, Vice President and Global Head, Industrial Cyber and Digital Security at Siemens Energy. “With Siemens’ deep operational technology expertise and Tenable’s leading cybersecurity technology, this global partnership is uniquely poised to strengthen defenses in critical infrastructure and other organisations that rely on industrial systems.”

Siemens delivers and integrates best-of-breed technologies, empowering our customers to prioritise their most critical assets, continuously monitor their operating environment and build resiliency so they can rapidly respond and recover in the event of a breach. As an end-to-end provider of OT cyber solutions, Siemens provides our customers with the transparency, insights and control to help secure the entire operating environment.

Integral to that solution, Industrial Security from Tenable provides safe, reliable asset discovery and vulnerability detection purpose-built for industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems. Using passive network monitoring based on Tenable’s Nessus Network Monitor, designed for critical systems which require a non-intrusive approach to vulnerability detection, the OT-native solution helps identify and prioritize OT risks so organizations can keep safety-critical production assets secure and fully functional.

Delivered by Siemens as a security service, Industrial Security helps customers understand the state of their assets at all times, providing them with the information they need to quickly and confidently assess, understand and ultimately reduce their cybersecurity risk. With Tenable, organizations for the first time can implement a single solution to assess Cyber Exposure across the entire modern attack surface, spanning both traditional IT and OT assets.