THE MOST SOPHISTICATED INDUSTRIAL CYBERSECURITY IN THE WORLD
INCREASING CONNECTEDNESS OF CRITICAL INFRASTRUCTURE MAKES IT EXPONENTIALLY MORE VULNERABLE TO CYBER ATTACK
INDUSTRIAL ASSETS ARE VULNERABLE TO CYBER-ATTACK
Over the past two decades industry and government have been transforming how they manage critical infrastructure, by embracing new technology and analytics for improved efficiency and productivity, to remain competitive in the global marketplace.
As a result, billions of Operational Technology (OT) devices used to control, monitor and manage systems integral to operations in every industry sector, and any nation’s critical infrastructure, are being connected to the Information Technology (IT) network.
However, the majority of this OT, which utilises ageing industrial control system architecture, was never designed to be converged with IT.
So, now more than ever, previously isolated, critical infrastructure assets, which are the most challenging to secure, are connected to the outside world and have proven vulnerable to cyber-attack.
THE CYBER THREAT IS REAL AND NO ONE IS IMMUNE
In the past, the focus was on the physical security of devices, and connectivity was prevented. Today, this “Air Gapping” approach to securing systems is no longer an effective defence. The reality is that, due to the convergence of IT and OT, the critical infrastructure assets that underpin national economies are now just 32 milliseconds from anywhere on the planet. Threats are no longer limited to physical attack; they now include anyone with a computer anywhere in the world.
Globally, both industry and government are now being actively targeted, and the range of attackers is diverse: competitors seeking to disrupt operations, foreign powers looking to steal IP, customers trying to gain an advantage in negotiations, activists wanting to cause reputational damage, professional criminal syndicates trying to extort money, and hackers chasing a new challenge. Even unwitting employees with smartphones can be an insider threat. Further compounding the situation, malware is now being designed specifically to target OT networks.
Whatever the motivation, the potential for a major service failure within your operation, and a catastrophic safety or environmental incident, is real and imminent.
THE NEXT EVOLUTION OF CYBERSECURITY IS HERE
By 2020, there will be an estimated 50 billion machines connected through the internet.
It is now commonplace within major industrial plants and infrastructure to find hundreds of thousands of OT devices connected to IT networks.
Add to this complexity the protocols of numerous device manufacturers that were not designed to protect against cyber-attacks, the lack of software updates or patching in order to minimise downtime, and the extended age of systems, and you can see the challenge of effectively detecting or defending against cyber-attacks.
In addition, most operators don’t have a reliable inventory of their systems and devices, or context and situational awareness, so many organisations are capturing vast data lakes that are completely redundant, consuming enormous quantities of unnecessary time and cost.
Even the most sophisticated cybersecurity providers haven’t found a way around the problem, leaving critical energy, resources, communications, water, finance, transport and defence infrastructure completely vulnerable.
The threats to critical infrastructure are now so advanced that they require an industrial cyber security solution that combines advanced technologies, machine learning and human intelligence to protect networks against the complex range of attack scenarios they are vulnerable to.
Sapien Cyber has developed a solution that changes the cybersecurity landscape forever.
Sapien understands the threat landscape and offers solutions to address the complexity found within commercial, industrial and government owned assets. With the potential vulnerabilities within these assets growing, our solution offers unprecedented visibility across your enterprise network and a more sophisticated way to prepare and defend against these types of attacks, and shield your systems from cyber criminals.
1. THE DIGITISATION OF CRITICAL ASSETS HAS EXPONENTIALLY INCREASED THE RISK AND REACH OF A CYBER SECURITY INCIDENT
2. 30% OF ALL CYBER ATTACKS ARE ON CRITICAL INFRASTRUCTURE AND THE FREQUENCY OF CYBER ATTACKS IS RAPIDLY INCREASING.
3. THE THREAT EXPOSURE OF ORGANISATIONS MANAGING CRITICAL INFRASTRUCTURE HAS INCREASED RADICALLY AS A RESULT OF DIGITAL TRANSFORMATION.
THE INDUSTRIAL INTERNET HAS CREATED A NEW PROBLEM
SAPIEN HAS DEVELOPED A SOLUTION THAT CHANGES THE CYBERSECURITY LANDSCAPE FOREVER.
YOUR ASSETS ARE NOW JUST 32 MILLISECONDS FROM ANYONE, ANYWHERE ON THE PLANET
0.0032 SECONDS
DEVELOPED BY THE WORLD’S FOREMOST CYBERSECURITY TEAM
Sapien has created the world’s most sophisticated OT solution, designed to detect cyber-attacks before they impact your operation, no matter where it is located.
Powered by the internationally recognised cybersecurity team at Edith Cowan University, Sapien provides a system-of-systems approach to cyber security. Our sophisticated system meshes advanced cybersecurity technologies, advanced malware detection, machine learning and artificial intelligence together with significant cyber security and industrial control system knowledge to rapidly detect anomalies and cyber-attacks in your network traffic.
Sapien’s technology allows clients to establish their existing security posture, before developing an effective long term strategy for asset protection, system health checks and hygiene actions.
Through the use of its passive systems analysis technology we provide an unparalleled level of vulnerability identification, risk classification and solution advice to threats and attacks.
All traffic is monitored in real-time to identify any anomalies, ascertain exactly what they are, whether they pose a threat or not, where they came from and how they got there so you can take immediate and effective action.
Sapien’s secure customer portal provides unprecedented visibility over all your operations and devices through an intuitive and easy to use interface. Customer specific data does not leave the site; only encrypted dashboard data is utilised within the portal.
Real-time, operation-wide monitoring and analysis of network cyber risks and threats
Powered by the world recognised cybersecurity team at Edith Cowan University
Vulnerability analysis to determine the risk
Threat detection and threat hunting with nanosecond precision
Managed Security Operating Centre provides real-time actionable intelligence back to the operator
Dashboards detailing technical data, risk classification and security events contextualised for system engineers, security personnel or business executives
Network visibility – asset and threat discovery, identification and mapping
Customer data does not leave site
Sovereign data – never leaves country of origin
[Screenshot: Sapien customer portal, site overview for "Sapien - Stark Site One", with network inventory map, malware alert, inventory list and IDS alert panels and a case feed by threat level]
UNPRECEDENTED VISIBILITY THROUGH AN INTUITIVE, EASY TO USE INTERFACE
WHAT WE DEFEND
_ INFRASTRUCTURE
_ UTILITIES
_ PLANT, PROCESSES AND ASSETS
WHY DEFEND IT?
_ PROTECT PRODUCTION AND ASSETS
_ WORKFORCE SAFETY
_ PROTECT IP
_ LEGAL AND GOVERNANCE
HOW WE DEFEND IT
_ COMPLETE VISIBILITY, ADVANCED THREAT DETECTION
_ DETECT, DISSECT, LEARN, RESPOND WITH SPEED AND CERTAINTY
_ 24/7/365 VIGILANCE
_ AI AND MACHINE LEARNING
EVOLVE WITH US
Sapien Cyber Corporate Headquarters, Building 6, ECU, 270 Joondalup Drive, Joondalup, WA, Australia, 6027
1800 378 200 sapiencyber.com.au
CYBERSECURITY FOR OPERATIONAL TECHNOLOGY
INDUSTRIAL PLANTS / PUBLIC INFRASTRUCTURE / TRANSPORT SYSTEMS / CRITICAL INFRASTRUCTURE NETWORKS / UTILITIES