ARC’s model used for evaluation
The ARC Advisory Group has recently reviewed Radiflow’s line of solutions for industrial threat detection, risk management and OT security optimization.
ARC’s report contextualizes Radiflow’s offerings within their NIST-based model that presents the maturity gaps in OT cyber-security, using the better-protected IT realm for comparison, and focusing on three aspects of cybersecurity that need to be in alignment:
The people that operate OT security programs and the scarcity of skilled employees
The security management tools used by security teams for automating routine operations, handling alerts, setting automatic communication rules, isolating compromised assets, and conducting risk assessments toward planning and executing a long-term security program
NIST CSF Processes & Enabling Technologies: technologies for detecting anomalous behaviors within assets and network communications
The starting point for the review of Radiflow’s solutions was the inadequate maturity level of OT cyber-security at all three levels, compared to IT security, i.e. a lack of skilled professionals, few tools for network security management, anomaly and breach detection and risk assessment, and underutilization of technologies for detecting anomalous network behavior.
Evaluation of Radiflow’s solutions
ARC’s evaluation of Radiflow’s solutions, namely the iSID industrial threat detection & monitoring system and the CIARA industrial risk assessment & management platform, resulted in an across-the-board endorsement: “Radiflow Can Help Companies Close OT Security Gaps”.
The report found that iSID, along with the iCEN management console for multi-iSID systems and the iSAP bandwidth-friendly smart collector, closed the OT security gaps in identification of threats as well as anomaly and breach detection, while CIARA closed the threat management gap. In addition, Radiflow’s iSEG secure gateways provide local protection and access management for remote substations and other industrial sites.
Within ARC’s maturity/protection model, Radiflow’s solutions, therefore, bring industrial (OT) network cyber security to a level of maturity closer to that of IT cyber-security.
ARC’s Program Maturity Model, comparing OT and IT security
Takeaways from the ARC Report
While the technologies and management solutions by Radiflow reviewed in the report represent a big step toward maturity, OT security has yet to catch up with IT security in terms of adopting a holistic approach combining all aspects of threat management and vulnerability management.
Where OT security lags behind the most is the availability of skilled security personnel. This will continue to be a problem for the foreseeable future. That said, the report mentions Radiflow’s iSID and CIARA as highly suitable for use by OT-MSSPs (Managed Security Service Providers). By hiring an OT-MSSP, industrial users who choose not to set up a full-fledged OT security operation get the same level of expertise, facilities and experience as large industrial corporations, with little upfront cost.
There’s no magic bullet for closing the OT-IT security gap. The report specifies the components of, and steps toward, transitioning from passive to active defense, and from vulnerability management to threat management: implementing a system for TI-based threat detection; gaining full network visibility into device lifecycle and properties; and maintaining continuous risk management by analyzing the network’s specific vulnerabilities, threats and controls, and simulating breaches and attacks, toward determining the most effective, high-ROI mitigation controls.