The growing inter-dependence and interoperability between Information Technology and Operational Technology (OT) now being delivered by cloud-delivered environments means a growing potential also exists for closer interaction when security is attacked in any way.
One of the early entries into trying to short-circuit such possibilities, AlertEnterprise has just introduced Enterprise Sentry, which it claims is the first proven IT-OT (Operational Technology) Security Convergence Platform. Now operating in high security environments, the company states that it meets the rigorous definition of Cybersecurity revised to include IT Security, OT Security and Physical Security set by market analysts, Gartner.
Organisations are conditioned to respond to incidents along departmental lines. This silo approach leaves wide gaps open for malicious actors to opportunistically create blended threats across the domains of cyber security, physical security and operational systems, thereby defeating exiting security and controls.
Enterprise Sentry delivers security intelligence for fast, informed response to security breaches across multiple domains: IT security, physical access to facilities and assets; and operational technology like SCADA or Industrial Control Systems.
By consolidating cyber, human and asset intelligence, it delivers resources to the SOC (Security Operations Centre) to help correlate threats that extend beyond IT and across the enterprise, and deliver smart decision support to security teams for the most rapid response to unfolding events, mitigating their impact, and sometimes preventing incidents altogether.
“Critical infrastructure like Utilities, Oil and Gas, Chemicals, and Transportation all manage large geographically dispersed operating assets.” said Mark Weatherford, a Principal at the Chertoff Group and the former Deputy Undersecretary for Cybersecurity at the US Department of Homeland Security. “Until now it has been impossible for organisations to simultaneously capture, correlate and comprehend the vast number and types of threats, both physical and cyber in all locations”.
Enterprise Sentry features include built-in risk scoring by role, for employees and contractors, as well as asset risk for high-value assets and underlying systems. Additionally, machine learning features assist with assimilating behaviour patterns and delivering split-second detection of anomalies. Built-in support for big data components like SAP HANA and Hadoop ensures real-time correlation of signals across complete data sets from disparate threat intelligence sources.
