The Dragos Blog

01.23.24 | 5 min read

Dragos Becomes First OT Cybersecurity Technology to Achieve AWS Manufacturing and Industrial Competency

The future of manufacturing operations will rely on cloud services and industrial cybersecurity solutions that complement each other to deliver business outcomes safely, quickly, and efficiently. As a result of the continued success of digital transformation initiatives by Dragos and Amazon Web Services (AWS), Dragos has achieved the AWS Manufacturing and Industrial Competency, becoming the first Partner with Competency designation in the Operational Technology (OT) Security category.

The Dragos Platform on AWS empowers manufacturers to manage OT assets and quickly visualize, detect, and respond to ICS/OT cybersecurity threats, protecting their core business operations. Dragos enhances security and enables organizations to confidently deploy a range of AWS solutions that interact with their ICS/OT environments. The AWS Manufacturing and Industrial Competency differentiates Dragos as an AWS Partner Network (APN) member with demonstrated technical proficiency in:

  • Securing customers’ cloud-based digital transformation efforts, providing OT-specific visibility, vulnerability management, threat detection, and incident response capabilities required for successful OT cybersecurity outcomes.
  • Allowing customers the option to anonymously share OT threat intelligence information at machine speed on the cloud, strengthening the entire manufacturing community’s defense capabilities in the process.
  • Offering the flexibility and scalability of a cloud deployment for industrial cybersecurity technology, combining on-premises Dragos Sensors with cloud-hosted Dragos CentralStore and Dragos SiteStore for remote management and monitoring.
  • Allowing customers to take advantage of AWS Marketplace for simplified procurement, consolidated billing, and the ability to use their committed spend with AWS to purchase the Dragos Platform.

This designation validates Dragos’s expertise, proven success, and leadership in OT cybersecurity, equipping clients with the necessary foundation for their digital transformation journey, while ensuring the safety, security, and reliability of OT systems.

Cybersecurity on the Manufacturing Floor: The Foundation to Successful Digital Modernization

Incorporating cloud and other digital technologies into manufacturing processes can help organizations increase overall equipment effectiveness, reduce waste, shorten lead times, and compete more effectively. Considering these benefits, in a survey of industrial organizations by SANS, The State of ICS/OT Cybersecurity in 2022 and Beyond, 54% of respondents identified technical integration of legacy and aging OT technology with modern IT systems as their biggest challenge. 17.4% of respondents cited “Cloud-hosted OT assets” as the control system components at greatest risk for compromise. Another SANS survey, SANS ICS/OT Cybersecurity Survey: 2023’s Challenges and Tomorrow’s Defenses, revealed that “before deploying cloud services for any part of the ICS/OT systems/processes/assets/data, 61% of organizations indicated that they complete a risk analysis and security evaluation of the cloud service provider for the secure administration and management of the data, connections, and access.” A strong OT cybersecurity program is foundational to successful digital and modernization efforts that touch manufacturing processes.

The Dragos Platform provides the following key cybersecurity capabilities that enable IT, OT, operations, and business stakeholders to meet their goals while ensuring safety and quality.

Asset Visibility and Inventory

The Dragos Platform, an ICS cybersecurity technology, provides comprehensive visibility of your ICS/OT assets and is built to analyze multiple data sources including protocols, network traffic, data historians, host logs, asset characterizations, and anomalies.

Traditionally, maintenance technicians and controls engineers have kept manual records of asset inventories in spreadsheets or other files that have become outdated. With continuous asset monitoring, teams can keep their inventories up to date automatically, saving time for other operationally focused tasks. Knowing what you have is foundational to cybersecurity and can also facilitate lifecycle planning of assets that are aging and degrading uptime in today’s manufacturing environments.

Vulnerability Management

Dragos Platform customers gain comprehensive ICS/OT vulnerability management with corrected and enriched risk scores, and “now, next, never” prioritized guidance that gives customers full lifecycle management of specific vulnerabilities in their environment. Vulnerability management in the ICS/OT space requires more than simply looking at the security impact. When you look at the potential threat, a vulnerability can result in a loss of view or control of the process, which can result in people and product safety issues.

For mitigation or remediation, Dragos provides additional guidance versus the traditional method of required patching for protection. As uptime and availability of equipment are of utmost importance, Dragos provides alternative mitigations that can be put in place to offer risk reduction until remediation can be properly scheduled and aligned with downtime. Alternatively, if a security patch requires operational downtime but offers little in the way of cybersecurity risk reduction, it likely does not make sense to apply it. Dragos provides the guidance to enable risk-based decisions.

Threat Detection

Utilizing the MITRE ATT&CK for ICS framework, the Dragos Platform provides accurate threat detection that rapidly pinpoints malicious behavior on your ICS/OT network. By providing high-fidelity alerts that reduce false positives, customers are able to focus security efforts where they matter most.

Incident Response

The incident response playbooks within the Dragos Platform provide incident responders with a historical timeline allowing teams to gather forensic records and to analyze relevant data, triage alerts, and determine if the activity monitored was malicious or benign. These step-by-step playbooks help with identifying why a detection matters, what the impact is from both sides of the security and operations lens, and what data is important to collect related to the event.

Collective Defense

Dragos Neighborhood Keeper is an opt-in program provided with the Dragos Platform that strengthens your cybersecurity posture by offering insight into the prevalence of real-world threats. Companies benefit from a collective defense and community-wide visibility solution that provides a more effective industrial cyber defense by anonymously sharing threat intelligence at machine-speed across industries and geographic regions. This collective defense solution focused on serving the ICS community enables participants to request and offer assistance and collaborate with trusted program partners.

Dragos Platform on AWS Solution Architecture for Manufacturing

The Dragos Platform architecture offers flexibility to meet varying manufacturing organizations’ needs. While the Dragos Platform can be deployed fully on-premises, customers who take advantage of Dragos Platform on AWS typically cite faster time to value, the convenience of a Dragos-managed cloud solution including updates to the latest knowledge packs (detections, IOCs, vulnerabilities), and easier collaboration with the Dragos experts who work alongside them to analyze threats.

A cloud-deployed infrastructure has three tiers: a network sensor, a SiteStore, and a CentralStore. CentralStore and SiteStore are deployed on the AWS cloud, managed by Dragos, and provided to manufacturers as a Software as a Service solution. SiteStore aggregates cybersecurity- and operations-relevant metadata collected from network sensors. CentralStore provides an enterprise-wide view of all asset, vulnerability, and threat detection data across SiteStores to give you an aggregated, fleet-wide view of your ICS/OT cybersecurity data. Sensor form factors range from industrial hardened appliances to enterprise-grade appliances along with virtual appliances.

Sensors are strategically placed throughout a manufacturing environment to perform passive network traffic analysis where the Dragos Platform dissects over 200 protocols, focusing on proprietary ICS/OT protocols. Analyzing a network architecture and flow of a facility allows for identification of key data collection points where a sensor can be placed. No changes are required to the configuration of your controls and automation as the sensor analyzes copies of the network traffic that exists in your ICS/OT network. North-south IT/OT boundaries along with strategic east-west traffic areas are of interest and can be planned in phases to achieve broad coverage.

Diagram: The Dragos Platform securing OT assets on the manufacturing shopfloor across various sites.

How Koch Industries Secures Manufacturing Technology with Dragos Platform on AWS

Koch Industries, a global leader in manufacturing, recognized the importance of safeguarding its operations against potential threats while embracing the benefits of digital transformation. In collaboration with AWS and Dragos, Koch Industries adopted the Dragos Platform to strengthen its cybersecurity defenses and ensure the integrity of its manufacturing technology. Read the case study here.

Available in AWS Marketplace

The Dragos Platform is available for purchase in AWS Marketplace, which allows customers to benefit from simplified procurement, consolidated billing, and the ability to use their committed spend with AWS to purchase the Platform. Customers adopting new cloud-native technologies to enhance their industrial operations can more quickly and easily expand their industrial cloud projects to include the Dragos Platform for OT asset visibility, threat detection, vulnerability management, and investigation and response.
