Autonomous Network Security Monitoring for Energy and Manufacturing Infrastructures

Mitch Webb
category Perspective
tags Energy, ICS, Manufacturing, Utilities

As an industry, we’ve invested billions in monitoring corporate networks and as analysts we’re most familiar with these environments. Turn our attention to energy networks or manufacturing lines and the vast majority of us, including the largest companies in the world, will say we’re far from where we should be.

The latest news from the DHS about Russian infiltration of US energy companies, and the malware that affected TSMC manufacturing lines, are just more reminders that our approach today is not working.

We don’t believe that putting humans in front of consoles was ever the right answer for security monitoring, especially for network security monitoring of a complicated infrastructure where millions of security events are generated every day that require review.

Respond Analyst helps our energy and manufacturing customers monitor every critical infrastructure segment, from generation, transmission and distribution of energy to manufacturing lines. Respond Analyst continuously monitors and investigates every security alert generated by traditional network intrusion detection and prevention systems (IDS/IPS), Industrial Control System IDS, and anti-malware technologies. Respond Analyst also understands critical assets, accounts and vulnerability data when making decisions for our customers.

When an incident is identified, Respond Analyst builds a full case, prioritizing and escalating events without ever requiring human interaction. This is all without our customers having to build, maintain and support costly and time-consuming rules, queries and other content.

The result is an out-of-the-box virtual security analyst that analyzes security data from critical infrastructure networks and escalates important issues in seconds when time is crucial. Our customers get a helping hand in the fight against nation states and costly malware attacks where they need it the most - their critical infrastructure.