Creating a “wayback machine” for IT security
any people are familiar with the “wayback machine,” the useful internet archive at web.archive.org. But until now, there’s been no similar type of system for cyber security professionals. An attack may happen today and not manifest itself for months or years … by then, it’s impossible to do the sleuthing to figure out how the break-in happened.
Now Siemens is partnering with Chronicle to provide industrial monitoring and detection for the energy industry. Through a unified approach that will leverage Chronicle’s Backstory platform and Siemens’ strength in industrial cyber security, the combined offering is said to give energy customers unparalleled visibility across information technology and operational technology to provide operational insights and confidentially act on threats.
Research has found that while 60% of energy companies want to leverage analytics, a mere 20% are using any sort of analytics to do security monitoring in the OT environment. What’s more, small and medium enterprises are particularly vulnerable to security breaches — they frequently do not have the internal expertise to manage and address increasingly sophisticated attacks.
At last month’s Spotlight on Innovation event in Orlando, Siemens Global Head, Industrial Cybersecurity, Leo Simonovich, and Mike Wiacek, co-founder and Chief Security Officer at Chronicle spoke about this partnership and its significance.
“To develop a continuous situational awareness of what’s happening in both the digital and physical worlds, we need to consume so many types of data — and in volumes that are almost incomprehensible. Being able to store this amount of information, let alone study it for those key links that may identify a cyberattack, is near impossible. But with Backstory, what was once impossible is now a reality,” said Wiacek.
“At its core, Backstory provides us with both visibility and context,” Wiacek said. “It’s a tool that can conduct in-depth forensic investigations … we can look at behaviors … to identify and understand unusual activity that could indicate an attack is underway.”
By identifying patterns, Siemens security analysts can build a picture of what’s happening, as well as the potential impacts. Then, the company’s OT specialists can build systems tailored for critical infrastructure and industrial technology and, when necessary, take action. In most cases, unlike what’s portrayed in James Bond movies, it doesn’t mean a system shutdown. Rather, it’s about developing options that balance operational safety and security constraints — and building the confidence to take a proportional and appropriate response, quickly and decisively.
“Needless to say, we are excited about this partnership. An old company partnering with a fairly new company … the whole idea, is to bring the best of technology, and to tackle this problem with expertise and domain knowledge from Siemens,” said Simonovich. “This is a massive problem and it requires innovative and scalable solutions.”
The partnership will help energy companies leverage the cloud to store and categorize data, while applying analytics, artificial intelligence, and machine learning to OT systems that can identify patterns, anomalies, and cyber threats. Backstory will be the backbone of Siemens’ managed service for industrial cyber monitoring. This combined solution enables security across the industry’s operating environment — from energy exploration and extraction to power generation and delivery.
Paul J. Heney – VP, Editorial Director