With the growing digitization of the industrial world and the diffusion of connected devices, every sensor, server or peripheral can represent a potential access point to the network.

And if the network structure has not been properly segmented, the breach of a single access point could compromise the security of the entire system. To this consideration we try to add another one.

On average, it takes companies almost three months just to realize that they have been subjected to an attack: how much information could an attacker steal in all this time?

How much damage could it do? Today we are in the state in which cars were in 1900: very powerful but not very safe!

Today's system architectures are like 1900s cars: reflections on Cyber ​​Security for Industry 4.0

It is therefore clear why the topic of cyber security is increasingly becoming an absolute priority also in the industrial sector.

Many companies are therefore trying to take measures, but the risk is - once again - that of committing some (sometimes serious) errors of assessment.

The features of Nozomi, the No. 1 platform in the world for Anomaly Detection
IT is different from OT

The first thing to do is not to rely on solutions borrowed from the IT field. In the industrial sector – OT, as it is often defined – the use of Firewalls designed for web applications and traditional IT has proved largely ineffective: ports, protocols and rules are in fact different.

 

Industrial Cyber ​​SecurityIndustrial Cyber ​​Security

And there are also different skills required to understand and therefore adequately protect applications in automation, control and remote control networks from IT risks in industry and critical infrastructures.

If it is not possible to use normal Firewalls, it is therefore necessary to equip oneself with intelligent devices equipped with dedicated protection functions, advanced filtering algorithms, White-Listing and anomaly detection.

A "guardian" for industrial communications ScadaGuardian is the Nozomi Networks solution dedicated to the detection of anomalies in the traffic of industrial networks.

The system is designed to help companies improve the reliability, safety and operational efficiency of control systems: as soon as it is installed, the platform helps to rebuild the network architecture structure.

Thanks to the analysis of the relationships between the various terminals and of the traffic volumes, the rules of a "normal" communication are defined and the platform learns about the legitimate behaviours.

 

 

After this set-up phase, which takes place mainly automatically, the Nozomi Networks solution remains in silent listening, monitoring the network and highlighting any anomaly.

The appliance passively inserts itself into a communication network and therefore does not slow down or affect the process in any way.

Thanks to this Anomaly Detection platform, companies can quickly detect cybersecurity threats, risks and incidents, significantly reduce the time to troubleshooting and recognize operational anomalies.

In the case of large distributed industrial networks, the Central Management Console (CMC) solution allows you to supervise and monitor the entire network from a single point, track assets and recognize when they may pose a risk to the company's security.

Anomaly detection