OT Risk Management – Deceiving Your Way to OT/ICS Security

Operational Technology (OT) networks are both high value and difficult to secure.

The challenges to securing OT in refineries, utilities and manufacturing include:

  • Concern that security controls will cause production failures;
  • The wide variety of esoteric, proprietary devices and protocols;
  • Onerous and inflexible change control procedures;
  • Poor documentation of the OT technical environment;
Acalvio ShadowPlex addresses the challenges of OT/ICS security, without incurring risk to facility operations:

ShadowPlex Attribute OT Security Benefit
Highly Effective Detection Detects adversary tradecraft in OT environments quickly
No Risk No agents; no active scanning and no impact on production systems
Coverage Supports IT and OT environments; bridges IT / OT cross-domain gap
Visibility Provides detailed network intelligence, and investigative forensics
Ease of Deployment Automated Autonomous Deception; no in-line devices
ShadowPlex operates independently of the production systems, without agents, in-line appliances, or active scanning. This fact is crucial to alleviating concerns about potential negative impact to the plant. It provides continuous visibility with respect to what’s on the network by passive scanning. And because Deception can easily be deployed in both IT and OT networks, it can provide protection for the IT/OT network interface, a key attack vector.
Acalvio’s strategy for Deception centers on flexible customization. Because OT environments vary so widely, deploying a turn-key solution and expecting it to be credible is unrealistic. ShadowPlex Autonomous Deception crafts deception assets to blend into the OT network, and can deploy decoys that leverage OT-specific custom web interfaces and golden images. It can mimic hardware devices seen in OT environments, and custom breadcrumbs can be deployed on either the IT or OT side to lure adversaries to the decoys. These features make ShadowPlex an ideal choice for OT risk management and security.

Next Steps

Let us show you our patented Deception 2.0 technology for your enterprise.