Vancouver, British Columbia, Jan. 8, 2016 – GE (NYSE:GE) –Wurldtech, a GE-owned company and leader in cyber security for operational technology (OT), today announced the availability of OpShield, a security solution designed to protect critical infrastructure control systems and assets. The solution provides protection from cyber threats and vulnerabilities found in operational environments, and delivers defense-in-depth for oil & gas, power generation, transportation, healthcare and other industries.
The Emergence of OT security
Given the high profile nature of data breaches in recent years, IT security has received more focus and investment than OT cyber security. Yet control systems found in OT environments have unique and often embedded technology design, and have been traditionally managed in environments separate from IT. This has made conventional cyber security solutions ineffective for OT operators and system integrators.
With the advent of the Industrial Internet, operational environments are increasingly connected to a variety of IT networks, which adds complexity and risk. Even if not connected to the Internet, critical assets are vulnerable to insider threats and mishaps that can cause disruption and costly downtime. Adding urgency to the issue, nation-state hackers and other malicious actors continue to find new ways to infiltrate networks and applications that underlie critical infrastructure.
According to Paul Rogers, President & CEO of Wurldtech and General Manager of GE Industrial Cyber Security, “Critical infrastructure assets such as turbines, generators, and nuclear reactors were not necessarily designed to keep up with today’s advances in technology. But the rapid increase of cyber attacks on industrial operations in the past few years clearly demonstrates that securing critical infrastructure is becoming one of the high priorities for companies and organizations.”
Based on a 2015 report written by Ponemon and commissioned by Raytheon (Raytheon and the Ponemon Institute), 66 percent of organizations are not ready to address OT security issues. Organizations are putting their most critical assets at risk in an environment not suitable for IT practices.
Security Built Specifically for OT
As a security solution for OT, OpShield provides protection at the point where traditional or next-generation firewalls (NGFW) leave off—typically in a demilitarized zone (DMZ) environment. But unlike NGFWs, OpShield is designed specifically for OT environments to provide defense-in-depth for embedded systems and industrial assets connected to SCADA, distributed control systems (DCS), and safety systems that communicate in multi-vendor, complex environments.
“Cyber attacks are growing at a dramatic pace, and yet most companies are ill prepared,” said Sid Snitkin, ARC Advisory Group. “The stakes are high for industrial organizations as attacks on systems that control plants and infrastructure impact safety, business continuity and the environment. Air-gapping strategies are inadequate, and traditional IT security won’t do the job. It’s critical that operators get OT security right.”
By addressing vulnerabilities in real-time without taking systems offline, OpShield enables critical infrastructure to remain operational and protected from the increasing number of threats today.
"Traditional security solutions are great for protecting data that transpires across an IT network, but have no native support for the protocols and commands used in an industrial control network," said Nate Kube, Chief Technology Officer and Founder of Wurldtech. "It is simply too easy for bad actors to infiltrate and exploit vulnerabilities in this environment if the network isn’t protected by technology that can help detect threats at that level."
OpShield Solution Features:
- Designed specifically to protect industrial assets, applications, and communications across process control networks
- Provides protocol inspection engine that adapts to OT command and protocols
- Identifies and alerts or blocks at the application command level, helping reduce the threat surface
- Offered as a modular solution that scales to accommodate complex and harsh ICS and SCADA environments
- Delivered as easy-to-install appliances that can be implemented in tap or in-line mode minimizing disruption to production
About Wurldtech
Wurldtech, a GE company, is in the business of helping customers protect critical infrastructure from cyber attack. Wurldtech works with both device manufacturers and system operators to help provide protection for critical infrastructure against the persistent and dynamic cyber threats. Customers worldwide spanning Oil & Gas, Electric Power, Medical, Nuclear, Chemical, Manufacturing, Pharmaceutical and Water Treatment markets use Wurldtech products and services to reduce the risks and costs of a cyber attack, maximize system uptime and meet compliance mandates. Our Achilles certification programs have been widely adopted by both manufacturers and operators to deliver third party benchmark testing of product and system security. Additional information can be found at www.wurldtech.com.
