Electricity + Control March 2021

CYBERSECURITY

Stepping up OT network protection

K aspersky has joined forces with Waterfall Security Solutions to better secure industrial networks. Kaspersky Industrial CyberSecurity for Networks and Waterfall for Intrusion Detection Systems together enable non-intrusive industrial network inventory, threat detection and hardware-enforced protection from network attacks. Industrial enterprises need to meet emerging cybersecurity challenges that come with operational technology (OT) network digitalisation. According to Kaspersky, 55% of organisations now recognise that the Internet of Things (IoT) will change the state of security in industrial control systems (ICS). Products such as those offered by Kaspersky and Waterfall present cost-effective ways to protect against network threats. Ensuring that these two landmark products are compatible is therefore particularly significant for industrial organisations. Waterfall for Intrusion Detection Systems Waterfall for Intrusion Detection Systems (IDS) enables net- work intrusion sensors to monitor operational technology (OT) and industrial control system (ICS) networks without risk to the monitored networks. Waterfall for IDS unidirec- tional hardware emulates OT mirror and SPAN ports to net- work intrusion sensors on IT networks. With Waterfall for IDS in place, industrial enterprises can confidently host OT sen- sors on IT networks where the sensors are easily managed and updated by central SOC analysts, without risk to phys- ical operations. Waterfall for IDS is a hardware-enforced, physical barrier that prevents remote attacks, malware, DOS attacks, ransomware, and human errors originating on IT networks from compromising or impairing physical operations, while enabling seamless interoperability with intrusion detection system platforms. Kaspersky Industrial CyberSecurity for Networks Kaspersky Industrial CyberSecurity for Networks (KICS for Networks) is an OT network monitoring and visibility solu- tion, delivered as software or as a virtual appliance, pas- sively connected to the ICS network. KICS for Networks de- tects anomalies and intrusions inside ICS networks in their early stages and ensures the necessary actions are taken to prevent any negative impact on industrial processes. KICS for Networks technologies include asset discovery, inspection of industrial protocols (DPI), network integrity and command control, Intrusion detection system and oth- ers. The interface displays a live dashboard and a network map, allowing working with assets and security events. The joint solution provides non-intrusive industrial net- work traffic inspection and deep packet inspection (DPI) to detect attacks, errors and anomalies, while providing industrial networks with hardware-enforced protection for safe and reliable operations. The Waterfall for IDS hard- ware is physically not able to pass any signal back into an OT network from any external network. The joint solution

has been deployed, tested and certified for compatibility and interoperability by a combined team of Waterfall and Kaspersky engineers who carried out extensive compati- bility verification tests on the two products to ensure tech- nological and operational benefits from the final solution. The advantages include extending the visibility of security and network operations centres (NOCs) into fully- isolated industrial control system (ICS) networks, enabling real-time analysis of network traffic for any suspicious activities, and the ability to connect industrial networks into enterprise monitoring, analysis and alerting infrastructures without the risks of firewalled connectivity. “At Kaspersky we consider industrial network monitoring for security threats and anomalies one of the main meas- ures to establish a holistic OT security process. The certi- fied compatibility of Waterfall and Kaspersky technologies will give our customers the confidence to connect industrial networks into monitoring, analysis and alerting infrastruc- tures with an additional level of OT perimeter protection,” says Sergey Paltov, Solution Architecture Group Manager, Kaspersky Industrial CyberSecurity. “Extending the visibility of security and network opera- tions centres into industrial control system networks is often the first step taken by enterprise security teams tasked with securing industrial networks,” says Ran Pedhazur, Chief Business Development Officer at Waterfall Security Solu- tions. “We are happy to work with Kaspersky to provide Unidirectional Security Gateways for this important function that makes industrial network traffic and anomalies visible with Kaspersky Industrial CyberSecurity for Networks.”

For more information visit: www.kaspersky.co.za

Electricity + Control MARCH 2021

31