Global cyber security leader Forcepoint today announced the creation of a new business unit to specifically meet the security challenges faced by critical infrastructure providers in today's sophisticated threat landscape.
The Forcepoint Critical Infrastructure business will leverage the full capability set of the company's Global Governments and Enterprise Security businesses to deliver defence-grade cyber security offerings for insider threat detection, enhanced data security and advanced threat protection for critical infrastructure.
The company will initially focus its efforts on organisations using industrial control systems (ICS) such as energy, oil and gas, and critical manufacturing. Leveraging its 20 years of experience securing high-assurance environments, Forcepoint is the only company today that can address the critical infrastructure threat where it is most vulnerable, the human point of interaction with systems and data.
The company will deliver a portfolio of integrated, behavioural-based cyber security products enriched with content relevant for the industrial space, focusing initially on network security solutions designed to bring more visibility to the sophisticated threats facing industrial control systems.
Connecting operational technology (OT) such as ICS and supervisory control and data acquisition (SCADA) systems to the IT network can offer new levels of functionality, cost savings and transparency to take advantage of big data and analytical insights.
This dependence on connected devices also exponentially expands the attack surface of the OT environment within critical infrastructure. The combination of sophisticated attackers understanding how to disrupt a physical process with the frequency of attacks targeting users with trusted access to sensitive information compounds the challenges facing CISOs and industrial plant operators to define ownership of these areas.
According to Gartner: "By 2021, 70% of OT security will be managed directly by the CIO, chief information security officer (CISO) or chief security officer (CSO) departments, up from 35% today."
"The relative ease and low cost of cyber attacks across borders today is leading to a crisis in critical infrastructure, where both the information technology and operational side of the house have to come together quickly," said Sean Berg, senior vice-president and general manager for Global Governments and Critical Infrastructure at Forcepoint.
"These industries provide essential services that underpin society, and they need to control access to the plant or electric grid to protect their users and critical data. The most effective, holistic approach requires behavioural insight to automatically provide security countermeasures without impacting availability to prevent intrusion into critical systems."
Choice of network segmentation options to protect industrial environments
Forcepoint's critical infrastructure offerings build on the company's decades of experience providing security solutions that protect sensitive government networks and secure connectivity between these networks and the Internet.
These solutions will be tailored to meet the content requirements of industrial environments, providing secure segmentation to address operational needs, such as vendor partners requiring remote access, and a baseline for monitoring threats within industrial environments.
Forcepoint's solution allows critical infrastructure operators to have the security of a firewall or safe, one-way data transfer for more sensitive areas, while ensuring compliance with standards such as NERC-CIP, NEI-08-09 and ISA/IEC 62443.
Forcepoint NGFW provides consistent security, performance and operations across physical, virtual and cloud systems and is designed for all three stages of network defence: to defeat evasions, detect exploits of vulnerabilities and stop malware.
It provides fast decryption of encrypted traffic, including HTTPS Web connections, combined with granular privacy controls that keep organisations and users safe in a rapidly changing world.
Forcepoint Data Guard can validate all data transfers at the application and data layers, allowing only valid commands and data sets required for operations. The data flowing between the operational and information networks can be audited and controlled over a one-way connection, providing a higher level of security and reliability required for highly regulated industries like nuclear power plants.
These network security products are part of Forcepoint's Human Point System portfolio that enable ICS, government agencies and enterprise organisations to "start anywhere" to address data and user security needs across insider threats, human-centric behavior analytics, data loss prevention, cloud security technologies (CASB), and Web/e-mail security.
Forcepoint's cyber security innovations integrate seamlessly into a system with unified policy management or plug into existing on-premises or cloud environments.
Share