Security by Sector: FireEye and Claroty Team Up to Simplify ICS/OT Threat Detection and Response

The subject of how information security impacts different industry sectors is an intriguing one. For example, how does the finance industry fare in terms of information security compared to the health sector, or the entertainment business? Are there some sectors that face greater cyber-threats and risks than others? Do some do a better job of keeping data secure, and if so, how and why?

The industrial control industry is one fraught with cybersecurity risks – risks that are well-documented. It is a sector greatly relied upon for various critical processes, including the management and production of water, gas, electric and transport. However, it is also an industry that depends heavily on the use of (often) outdated and insecure operational technology (OT) systems, perfect targets for cyber-criminals seeking to cause havoc.

Thankfully, a new partnership between Claroty and security giant FireEye is seeking to help industrial control enterprises improve their response times to OT security incidents, reduce exposure to cyber-risk in their OT environment and maintain consistent implementation of their security protocols when detecting and responding to OT cyber-threats.

The companies announced that Claroty will integrate its Continuous Threat Detection (CTD) solution with FireEye’s Helix solution. Claroty’s CTD solution provides discovery of OT and IoT assets on automated industrial control networks, whilst FireEye’s Helix mixes disparate security tools and augments them with SIEM, orchestration and threat intelligence capabilities.

The firms said the integration will allow Helix to consume and integrate OT asset details and alerts from the Claroty platform and provide security staff with a consolidated view of both IT and OT related threats.

“Claroty’s asset discovery and threat detection are unmatched, but it is equally important that we enable security teams to work smarter and more efficiently by integrating with leading platforms like FireEye Helix,” said Benny Porat, Claroty’s co-founder and chief product officer. “This integration with FireEye ensures our joint customers not only receive detailed, early warning of potential OT/IoT security threats, but they can also orchestrate their response to ensure speed and consistency no matter where the threat originates.”

“One of the largest challenges in a security operations center is simply keeping up with the volume of incoming alerts and executing prompt response protocols,” added Phani Modali, vice-president of engineering at FireEye. “With our customers now taking responsibility for securing both IT and OT environments, the challenge has grown exponentially. Integrating the rich, contextual OT data from the Claroty platform into FireEye Helix makes this challenge much easier to manage and automate, increasing the ROI of both technologies.”
