The Immune System Approach – Cyber AI for Industrial Control Systems

  /  ICS Security   /  Cybersecurity   /  The Immune System Approach – Cyber AI for Industrial Control Systems
Cyber AI for Industrial Control Systems

The Immune System Approach – Cyber AI for Industrial Control Systems

The practice of cyber security has changed dramatically in the past few years, presenting a significant challenge to management teams across all industries and business domains. As IT security teams become accountable for securing Operational Technology (OT) and OT-specialist teams similarly inherit responsibility for traditional IT security, this technical convergence requires the synergy of both specialist skills and working practices.

Compromised OT devices within ICS and SCADA environments can lead to enormous physical damage and danger to human life. Since the widely reported discovery of the Stuxnet attack in 2010, threats to industrial systems have increased in both number and capability.

Today’s malware campaigns can actively acquire critical data about control systems, quietly maintain persistent access and then reprogram them, completing the kill chain. Legacy defenses such as firewalls have become antiquated and inadequate, especially in detecting threatening insiders with privileged access. Increasingly sophisticated machine-speed attacks, alongside ever-rising control system vulnerabilities has heralded a new era of OT cyber-threat.

The Industrial Immune System

The Industrial Immune System is a Cyber AI Platform for OT environments which detects and autonomously responds to threats, regardless of whether they appear on legacy tool blacklists or are completely novel zero-day attack techniques. Its intelligent understanding of the entire digital estate allows it to recognize even subtle signals of emerging threats in real time.

The technology provides complete visibility across OT, IT, and industrial IoT in a unified view, giving security teams complete oversight of its decision-making.

It works by passively analyzing the ‘pattern of life’ for every user, device and controller, enabling the technology to recognize dangerous anomalies in behavior. Technology and protocol agnostic, it can be deployed across both OT and IT environments, providing full coverage of an organization without disrupting daily operations.

Contents of the white paper

  • The Challenge of Securing OT 
  • Threats Facing Industrial Control Systems 
  • The Industrial Immune System 
  • Darktrace Discoveries 
  • Conclusion

This white paper is sponsored by Darktrace

Post a Comment

You don't have permission to register