The ARC Industry Forum featured a significant amount of cybersecurity content that continues to find its way onto our YouTube channel, both in the form of professional video interviews and recorded presentations and sessions.
ARC vice president Sid Snitkin and Kim Legelis, CMO of Nozomi Networks discussed the message of visibility into ICS networks. Operators of critical infrastructure need to do all they can to minimize the safety, environmental, compliance, and business continuity risks related to cyber-attacks. This includes rapidly detecting and remediating system anomalies to minimize the impact of a successful intrusion. Continuous ICS security monitoring provides the visibility that defenders need to manage today’s sophisticated attacks.
Sid Snitkin also interviewed Lior Frenkel. CEO and co-founder of Waterfall Security. Waterfall offers a unidirectional security gateway that allows end users to integrate and share data from closed industrial control systems of various types with business level networks and the cloud in a secure fashion.
A Risk Model for Cyberinsurance
Lior also participated in the Monday lunch session on cyber insurance and the role of cybersecurity risk models for use in developing cyber insurance policies. Lior was joined by Shawn Wiora, CEO and Co-Founder of Maxxsure, which has its own method for qualifying risk that it calls M-Score, which rates overall cybersecurity and preparedness. M-Score is synthesized using input from multiple risk frameworks, including the NIST Cybersecurity Framework.
You can also check out y interview with Gaby Koren of Indegy, where we talk about the need for better visibility into control systems, their networks, and their connected assets. For many industrial control system end users, visibility into their installed base of assets and network is limited. The lack of visibility in industrial control networks (ICS) and the control assets remains the biggest barrier to protecting industrial facilities and mitigating cyber-physical threats. Visibility into changes made to industrial controllers is crucial for preventing unwanted disruptions. Without full visibility into these activities, security teams abstract limited value from their security efforts.