Tel Aviv-based industrial cyber security company Indegy was founded to prevent operational disruptions from cyber attacks, malicious insiders and human error. DirectIndustry e-magazine talked to Dana Tamir, VP of Marketing, about providing comprehensive visibility into and management of industrial control networks.
DirectIndustry e-magazine: Please tell us about your platform.
Dana Tamir: The Indegy platform is based on proprietary patent-pending technologies developed by our team of industrial control systems (ICS) security experts. It is purpose-built to provide real-time visibility, situational awareness and activity monitoring for ICS networks and to alert personnel to events that might disrupt operations.
DirectIndustry e-magazine: Can you explain the technologies?
Dana Tamir: Control Plane Inspection (CPI) is a passive, deep-packet inspection engine specifically designed for the unique characteristics of industrial control systems. It monitors all control plane engineering activities performed over proprietary, vendor-specific protocols and captures changes to controller logic, hardware configuration, firmware downloads/uploads, user settings and tag additions/deletions. CPI provides real time alerts and a comprehensive audit trail of all activities performed over the operational network. Agentless Controller Validation (ACV) is a patent-pending technology used for validating the integrity of control devices and ensures no unauthorized changes are made. It surveys the controllers using their native certified protocols and API, guaranteeing zero impact on performance while gaining maximum visibility. It periodically verifies control device firmware, control logic and settings, providing full visibility. ACV captures all changes to programmable logic controllers, remote terminal units and distributed control system controllers, whether performed over the network or directly on the physical devices.
DirectIndustry e-magazine: How do these elements help protect a system from cyber attacks?
Dana Tamir: Each core technology focuses on different and unique aspects of the control plane activities and solves different ICS visibility challenges. The combination of these innovative technologies provides unmatched visibility into ICS activities, especially control plane events that impact critical controller logic. It ensures all activities are captured.
DirectIndustry e-magazine: Where do the cyber attacks usually come from?
Dana Tamir: Cyber threats can come from external sources or already exist within the network. Regardless of the source, Indegy identifies in real time any suspicious or unauthorized activity and sends an alert to enable engineering and security staff to respond before damage occurs. The detailed alerts and comprehensive audit trail enable our customers to quickly pinpoint the nature of unknown ICS activities and decide how to mitigate threats.
DirectIndustry e-magazine: Who are your main customers?
Dana Tamir: They include power, energy and water utilities, chemical, pharma and consumer goods manufacturing companies, automotive manufacturers and food and beverage companies.