Many people are familiar with the “wayback machine,” an incredibly useful internet archive at web.archive.org. But until now, there’s been no similar type of system for cyber security professionals. An attack may happen today and then not manifest itself for months or years … by then, it’s nearly impossible to do the sleuthing necessary to figure out how the break in happened.
Now Siemens is partnering with Chronicle (an Alphabet company) to provide industrial monitoring and detection for the energy industry. Through a unified approach that will leverage Chronicle’s Backstory platform and Siemens’ strength in industrial cyber security, the combined offering is said to give energy customers unparalleled visibility across information technology and operational technology to provide operational insights and confidentially act on threats.
Research conducted by Siemens and Ponemon Institute found that while 60% of energy companies want to leverage analytics, a mere 20% are using any sort of analytics to do security monitoring in the OT environment. What’s more, small and medium enterprises are particularly vulnerable to security breaches — they frequently do not have the internal expertise to manage and address increasingly sophisticated attacks.
At last month’s Spotlight on Innovation event in Orlando, Siemens Global Head, Industrial Cybersecurity, Leo Simonovich, and Mike Wiacek, co-founder and Chief Security Officer at Chronicle spoke about this partnership and its significance.
“To develop a continuous situational awareness of what’s happening in both the digital and physical worlds, we need to consume so many types of data — and in volumes that are almost incomprehensible. Being able to store this amount of information, let alone study it for those key links that may identify a cyberattack, is near impossible. But with Backstory, what was once impossible is now a reality,” said Wiacek.
Backstory, Wiacek explained, is a global security analytics platform designed to collect, integrate and store petabytes of data and allow analysts to be able to study and analyze that over significant periods of time.
“At its core, Backstory provides us with both visibility and context,” Wiacek said. “It’s a tool that can conduct in-depth forensic investigations as well as forensic analysis. We can look at behaviors so that security analysts can look back across time and different dimensions of data to identify, and understand, unusual activity that could indicate an attack is underway.”
By identifying patterns and backstory, Siemens security analysts can build a picture of what’s happening, as well as the potential impacts. Then, the company’s OT specialists can work with customers to build systems tailored for critical infrastructure and industrial technology and, when necessary, take action. In most cases, unlike what’s portrayed in James Bond movies, it doesn’t mean a system shutdown. Rather, it’s about working with customers to develop options that balance operational safety and security constraints — and building the confidence to take a proportional and appropriate response, quickly and decisively.
“Needless to say, we are excited about this partnership. An old company partnering with a fairly new company … the whole idea, is to bring the best of technology, and to tackle this problem with expertise and domain knowledge from Siemens,” said Simonovich. “This is a massive problem and it requires innovative and scalable solutions.”
The partnership between Siemens and Chronicle will help energy companies securely and cost-effectively leverage the cloud to store and categorize data, while applying analytics, artificial intelligence, and machine learning to OT systems that can identify patterns, anomalies, and cyber threats. Chronicle’s Backstory, a global security telemetry platform for investigation and threat hunting, will be the backbone of Siemens managed service for industrial cyber monitoring, including in both hybrid and cloud environments. This combined solution enables security across the industry’s operating environment — from energy exploration and extraction to power generation and delivery.
“Cybersecurity is, and has to be, more than a seatbelt or an airbag in the digital world. It’s a factor that is crucial to the success of the digital economy,” said Simonovich. “Our plan is to democratize security, to make it accessible to customers, irrespective of size or maturity. Security has to be simple, affordable, and easy to use.”