In light of recent industrial attacks in Ukraine and the targeting of energy companies by state-nexus adversaries, CISOs and their security teams are increasingly finding themselves responsible for the protection of their organization’s ICS environments. To achieve a level of true enterprise-wide security management, they must safely deploy ICS monitoring and alerting technology that integrates with established security workflows.
Today, FireEye is announcing a partnership with Waterfall Security Solutions to help assure plant managers and operations personnel are benefitting from the deployment of FireEye’s industry-leading cloud-based Threat Analytics Platform (TAP) to detect security concerns before they affect process uptime.
The Waterfall Unidirectional Cloud Connect physically enforces one-way flow from the ICS network to FireEye’s TAP, ensuring that enterprise security teams can monitor industrial networks in real-time without introducing process disruption. All event data that is collected from the Operational Technology (OT) network is published unidirectional to the FireEye TAP while the OT network is kept 100 percent safe.
This partnership enables clients to extend their existing Information Technology and OT platforms with more secure visibility into industrial plant environments, allowing them to monitor the security of their shop floor infrastructure in real-time. Customers who include the addition of FireEye’s recently announced Helix platform can integrate and automate their security operations. Being able to ingest OT information and events, then match it against intel from FireEye, provides the ability to run a security playbook for quicker time to remediation. This is imperative in today’s environment where FireEye is seeing an average of 99 days from compromise to discovery. Lowering this metric is critical to a company’s overall cyber security posture.
When combined with Mandiant’s dedicated team of ICS Security Consultants and iSIGHT’s eight years of providing ICS-specific threat intelligence, this partnership further reinforces FireEye as a leader in intelligence-led security across the entire enterprise.