The global cyber security comapny has announced the creation of a new business unit "to specifically meet the security challenges faced by critical infrastructure providers in today’s sophisticated threat landscape".
Given the importance of critical infrastructure and industrial systems to modern civilisation, and the threat that bad actors and unfriendly nation states can wreak upon such systems, Forcepoint is clearly getting to the point in proffering professional protection.
The company says its new "Critical Infrastructure business will leverage the full capability set of Forcepoint's Global Governments and Enterprise Security businesses to deliver defence-grade cybersecurity offerings for insider threat detection, enhanced data security and advanced threat protection for critical infrastructure".
Leveraging its 20-years of experience securing high-assurance environments, Forcepoint claims to be "the only company today that can address the critical infrastructure threat where it is most vulnerable – the human point of interaction with systems and data".
The company says it will "deliver a portfolio of integrated, behavioural-based cybersecurity products enriched with content relevant for the industrial space, focusing initially on network security solutions designed to bring more visibility to the sophisticated threats facing industrial control systems.
"Connecting operational technology (OT) such as ICS and supervisory control and data acquisition (SCADA) systems to the IT network can offer new levels of functionality, cost savings and transparency to take advantage of big data and analytical insights. This dependence on connected devices also exponentially expands the attack surface of the OT environment within critical infrastructure.
T"he combination of sophisticated attackers understanding how to disrupt a physical process with the frequency of attacks targeting users with trusted access to sensitive information compound the challenges facing CISOs and industrial plant operators to define ownership of these areas."
According to Gartner's "2018 Strategic Roadmap for Integrated IT and OT Security, by Saniye Alaybeyi, 3 May 2018", we're told that "by 2021, 70% of OT security will be managed directly by the CIO, chief information security officer or chief security officer departments, up from 35% today.”
Sean Berg, senior vice-president and general manager for Global Governments and Critical Infrastructure at Forcepoint, said: "The relative ease and low-cost of cyber attacks across borders today is leading to a crisis in critical infrastructure, where both the information technology and operational side of the house have to come together quickly.
“These industries provide essential services that underpin society, and they need to control access to the plant or electric grid to protect their users and critical data. The most effective, holistic approach requires behavioural insight to automatically provide security countermeasures without impacting availability to prevent intrusion into critical systems.”
Choice of network segmentation options to protect industrial environments
Forcepoint says its "critical infrastructure offerings build on the company’s decades of experience providing security solutions that protect sensitive government networks and secure connectivity between these networks and the Internet.
"These solutions will be tailored to meet the content requirements of industrial environments, providing secure segmentation to address operational needs, such as vendor partners requiring remote access, and a baseline for monitoring threats within industrial environments.
"Forcepoint’s solution allows critical infrastructure operators to have the security of a firewall or safe, one-way data transfer for more sensitive areas, while ensuring compliance with standards such as NERC-CIP, NEI-08-09 and ISA/IEC 62443.
"Forcepoint NGFW (next generation firewall) provides consistent security, performance and operations across physical, virtual and cloud systems and is designed for all three stages of network defence: to defeat evasions, detect exploits of vulnerabilities and stop malware.
"It provides fast decryption of encrypted traffic, including HTTPS web connections, combined with granular privacy controls that keep organisations and users safe in a rapidly changing world.
"Forcepoint Data Guard can validate all data transfers at the application and data layers, allowing only valid commands and data sets required for operations. The data flowing between the operational and information networks can be audited and controlled over a one-way connection, providing a higher level of security and reliability required for highly regulated industries like nuclear power plants.
"These network security products are part of Forcepoint’s Human Point System portfolio that enable ICS, government agencies and enterprise organisations to 'start anywhere' to address data and user security needs across insider threats, human-centric behaviour analytics, data loss prevention, cloud security technologies (CASB), and web/email security."
The company naturally states that its "cybersecurity innovations integrate seamlessly into a system with unified policy management or plug into existing on-premises or cloud environments".
Former Intel/McAfee and Belden executive to lead Forcepoint Critical Infrastructure effort
David Hatchell, who will report to Sean Berg, has been named vice-president of Critical Infrastructure and will lead the new Forcepoint business unit.
A veteran of the technology and security industries, Hatchell "formerly led the critical infrastructure practice at Intel/McAfee and Belden. The unit will focus on tailoring Forcepoint solutions to the unique product requirements, challenges, and markets of the critical infrastructure space."