Forcepoint Brings Full Weight of Defence-Grade Cybersecurity Portfolio to Secure Industrial Control Systems and Critical Infrastructure
September 2018 by Marc Jacob
Forcepoint announced the creation of a new business unit to specifically meet the security challenges faced by critical infrastructure providers in today’s sophisticated threat landscape. The Forcepoint Critical Infrastructure business will leverage the full capability set of the company’s Global Governments and Enterprise Security businesses to deliver defence-grade cybersecurity offerings for insider threat detection, enhanced data security and advanced threat protection for critical infrastructure. The company will initially focus its efforts on organisations using industrial control systems (ICS) such as energy, oil and gas, and critical manufacturing.
Leveraging its 20-years of experience securing high-assurance environments, Forcepoint is the only company today that can address the critical infrastructure threat where it is most vulnerable—the human point of interaction with systems and data. The company will deliver a portfolio of integrated, behavioural-based cybersecurity products enriched with content relevant for the industrial space, focusing initially on network security solutions designed to bring more visibility to the sophisticated threats facing industrial control systems.
Connecting operational technology (OT) such as ICS and supervisory control and data acquisition (SCADA) systems to the IT network can offer new levels of functionality, cost savings and transparency to take advantage of big data and analytical insights. This dependence on connected devices also exponentially expands the attack surface of the OT environment within critical infrastructure. The combination of sophisticated attackers understanding how to disrupt a physical process with the frequency of attacks targeting users with trusted access to sensitive information compound the challenges facing CISOs and industrial plant operators to define ownership of these areas. According to Gartner1, “By 2021, 70 percent of OT security will be managed directly by the CIO, chief information security officer (CISO) or chief security officer (CSO) departments, up from 35 percent today.”
Choice of Network Segmentation Options to Protect Industrial Environments
Forcepoint’s critical infrastructure offerings build on the company’s decades of experience providing security solutions that protect sensitive government networks and secure connectivity between these networks and the internet. These solutions will be tailored to meet the content requirements of industrial environments, providing secure segmentation to address operational needs, such as vendor partners requiring remote access, and a baseline for monitoring threats within industrial environments. Forcepoint’s solution allows critical infrastructure operators to have the security of a firewall or safe, one-way data transfer for more sensitive areas, while ensuring compliance with standards such as NERC-CIP, NEI-08-09 and ISA/IEC 62443.
Forcepoint NGFW provides consistent security, performance and operations across physical, virtual and cloud systems and is designed for all three stages of network defence: to defeat evasions, detect exploits of vulnerabilities and stop malware. It provides fast decryption of encrypted traffic, including HTTPS web connections, combined with granular privacy controls that keep organisations and users safe in a rapidly changing world.
Forcepoint Data Guard can validate all data transfers at the application and data layers, allowing only valid commands and data sets required for operations. The data flowing between the operational and information networks can be audited and controlled over a one-way connection, providing a higher level of security and reliability required for highly regulated industries like nuclear power plants.
These network security products are part of Forcepoint’s Human Point System portfolio that enable ICS, government agencies and enterprise organisations to “start anywhere” to address data and user security needs across insider threats, human-centric behavior analytics, data loss prevention, cloud security technologies (CASB), and web/email security. Forcepoint’s cybersecurity innovations integrate seamlessly into a system with unified policy management or plug into existing on-premises or cloud environments.
Former Intel/McAfee and Belden Executive to lead Forcepoint Critical Infrastructure Effort
David Hatchell, who will report to Sean Berg, has been named Vice President of Critical Infrastructure and will lead the new Forcepoint business unit. A veteran of the technology and security industries, Hatchell formerly led the critical infrastructure practice at Intel/McAfee and Belden. The unit will focus on tailoring Forcepoint solutions to the unique product requirements, challenges, and markets of the critical infrastructure space.