Bolstering the defenses that protect our critical infrastructure systems is front and center on the political and business agenda alike. However, ongoing regulatory audits are exposing high levels of risk due to vulnerabilities in systems that were not designed to support granular activity monitoring and security event logging. With the critical nature of these industrial control systems, it is increasingly important to provide dedicated monitoring and protection. At the same time, increasing regulatory pressure from NERC requires an overarching monitoring and assessment process, accelerating the need for a compatible SIEM system.
"With a fully integrated solution consisting of both SIEM and network, database and application security monitoring appliances, NitroSecurity is uniquely capable of solving the security and compliance requirements for critical infrastructure," said Eric D. Knapp, Director of Critical Infrastructure Markets for NitroSecurity. "With the assistance of Encari, we're able to extend the benefits of the NitroView platform to provide a highly focused, total solution for electric power generation, transmission and distribution."
"NERC CIP compliance goes beyond the simplistic report-packs that we see marketed by enterprise-oriented security vendors," said Encari Co-Founder Steven E. Hamburg. "Compliance requires assessment, remediation and ongoing sustainability. NitroSecurity's technology, paired with Encari's NERC CIP compliance expertise maximizes assurance of a successful initial implementation and provides a NERC CIP SIEM compliance roadmap for all NitroSecurity electric utility customers."
NitroView CIP monitors and alerts on control systems and cyber assets in real-time, producing a clear audit trail of how critical assets are used, and identifying those systems that are at risk --including passively monitoring the network and generating logs for assets that do not produce them natively. NitroView appliances are non-obtrusive and can drop into existing networks -- with no interruption of operations or impact to performance or reliability. Doing so enables critical infrastructure providers to:
* Monitor networks and assets for anomalies that could indicate threats * Inspect SCADA (Supervisory Control and Data Acquisition) and DCS (Distributed Control Systems) protocols including modbus, DNP3, ICCP and OPC * Generate auditable security logs for all monitored assets and applications * Simplify log reviews with built-in dashboards and reports for NERC CIP * Investigate threats in real-time to support rapid-response and recovery
NitroSecurity's roots in the Idaho National Labs, an applied engineering laboratory dedicated to supporting the U.S. Department of Energy, means that NitroSecurity understands the networks, protocols and applications of SCADA and DCS. This makes NitroView CIP suitable for deployment in a wide range of industrial systems, including electricity, water, gas and other critical infrastructures defined by Homeland Security Presidential Directive 7 (HSPD-7).
NitroSecurity's origins have also provided the company with unique advantages in performance and scalability, based upon patented high-speed data management technologies that allow NitroView to operate as a fully responsive component of incident response plans and real-time security operations centers.
"Other SIEMs simply aren't designed for rapid-response," added Knapp. "Response times measured in hours can sometimes be acceptable for certain compliance reporting functions, but when it comes to minimizing risk, reaction time is paramount. Within the context of critical infrastructure protection, a rapid response capability is mandatory... there's simply too much at stake to wait hours for your security platform to catch up."
NitroView CIP is available immediately. Pricing starts at $75,000 and includes products and initial NERC CIP compliance assessment and implementation services. NitroView CIP appliances are Common Criteria EAL3 certified and FIPS 140-2 Level 2 validated.
About Encari Encari is a leading provider of consulting services to assist owners and managers of critical infrastructure in honoring their commitment to safety and reliability. Encari achieves these objectives by protecting the cyber assets that help manage critical infrastructure and by assisting with all aspects of information security and regulatory compliance objectives. Encari provides services for a variety of critical infrastructures, such as Responsible Entities subject to National Nuclear Security Administration (NNSA) and North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection Reliability Standards compliance and process control systems security.
About NitroSecurity NitroSecurity develops high-performance security information and event management (SIEM) solutions that protect critical information and infrastructure. NitroSecurity solutions reduce risk exposure and increase network and information availability by removing the scalability and performance limitations of security information management. Utilizing the industry's fastest analytical tools, NitroSecurity identifies, correlates and remediates threats in minutes instead of hours, allowing organizations to quickly mitigate risks to their information and infrastructure. NitroSecurity serves more than 500 organizations in the energy, healthcare, education, financial services, government, retail, hospitality and managed services industries. For more information, please visit http://www.nitrosecurity.com.