Dragos said that it has been selected by the National Cybersecurity Center of Excellence (NCCoE) as a technology collaborator on the Energy Sector Asset Management Project, which is being taken up to help energy providers monitor, manage, and secure their assets.
Image: An offshore oil rig in operation. Photo: courtesy of num_skyman/Freedigitalphotos.net.
Dragos business development director Matt Cowell said: “Asset discovery is an important step in the pursuit of detecting threats to industrial operations, and the Dragos Platform provides industrial control systems (ICS) defenders with unprecedented knowledge of assets and activity, the threats and adversaries they face, and the tools and knowledge to defend against them.
“Dragos is excited to collaborate with NCCoE and other technology vendors on this latest use case, providing further cybersecurity guidance to the energy sector.”
The Dragos Platform is an automated network monitoring, threat detection, and response platform that uses an intelligence-based approach to passively identify ICS assets and communications, alert to malicious activity, and guide defenders step-by-step if a threat is found.
The NCCoE will implement Dragos’ technology, along with other technologies, in a laboratory environment to build a standards-based, modular, end-to-end example solution that will address the security challenges of operational technology (OT) asset management for the energy sector, including:
Asset Discovery: establishment of a full baseline of physical and logical locations of assets
Asset Identification: capture of asset attributes, such as manufacturer, model, operating system, internet protocol (IP) addresses, media access control addresses, patch-level information, and firmware versions
Asset Visibility: continuous identification of newly connected or disconnected devices, and IP (routable and non-routable) and serial connections to other devices
Asset Disposition: the level of criticality (high, medium, or low) of an asset, its relation to other assets within the OT network, and its communication (including serial) with other devices
Alerting Capabilities: detection of a deviation from the expected operation of assets
Expected Industry Benefits
Reduce cybersecurity risk and reduce impact to safety and operations
Development of an executable strategy that provides continuous OT asset management and monitoring
Faster response to security alerts/attacks/events through automation
Cybersecurity standards and best practices, while maintaining the performance of energy infrastructures
Source: Company Press Release