"We grew pretty fast to become the de facto solution in the electric industry as the OT network visibility and segmentation analysis solution, which is extremely important in the case of compliance for the regulation in this industry," Berthier says. The addition of Network Perception will provide Dragos with enhanced network visibility, compliance and segmentation analytics to the Dragos OT cybersecurity platform. Dragos field technology officer Phil Tonkin says that half of Network Perception's customer base, which is all in the electric sector, uses the Dragos platform. Industrial control systems (ICS) provider Dragos today announced that it has acquired Network Perception for an undisclosed sum, a move aimed at expanding its threat detection and visualization capability for operational technology (OT) environments. "It's a level of sophistication today that no human, even expert analysts, can comprehend because of the different layers of logic that the firewalls are using, from VPNs to VLANs to access rules to network address translation," Berthier adds. "From those configuration files, we build a model of the environment, and we can then show a topology map of those complex networks and check all the potential pathways inside those environments, which is very complementary to what Dragos is doing," Berthier explains. The addition of Network Perception will likely boost Dragos' visualization and risk-based capabilities while enhancing customers’ cyber resilience and compliance efforts, predicts Omdia principal analyst for IoT cybersecurity, Hollie Hennessy. Adding Network Perception promises to fill a gap in the Dragos platform, company officials told Dark Reading. Network Perception's NP-View tool provides network visibility, compliance monitoring, segmentation analytics and reporting for various large electric utilities. "Although the driver to get capabilities like this into the electric sector in the US has often been driven by compliance, we're seeing more and more people understanding the need to carry out those same actions just to manage their risks," he says. The Dragos threat intelligence platform, designed for OT infrastructure, includes sensors that monitor networks for anomalies and IOCs and visualization tools to track assets and risks and provide response playbooks. The company that Dragos bought, Network Perception, is lesser known and considerably smaller. In the coming quarters, Tonkin says Dragos will integrate NP-View into its platform and offer it as an option to its customers in adjacent OT sectors. When integrated, the Dragos platform will be able to consume the data ingested into NP-View to add context around the different levels of suspicious activity that is needed, he notes. "Many OT organizations are struggling with challenges such as skills shortage and resource issues, meaning compliance can be a struggle--thus being able to automate functions such as reporting instantly, can alleviate some of those issues," she says. “Right now, our focus is to just build on the strengths that we've just gained by bringing Network Perception into the team,” Tonkin says. At the time, co-founder and CEO Robin Berthier says he and his team were working on the U.S. Department of Energy's 10-year cybersecurity roadmap, which developed a prototype for what is now NP-View. "It's really important to have the context around the network's access policy, like the zone-to-zone accessibility," Berthier says. Further, he notes that while Dragos' sensors monitor network traffic, security operators still must decide what steps to take to address suspicious activity and anomalies. Berthier claims that NP-View is unique because it ingests only configuration files from firewalls, routers and switches deployed in OT networks, not log data or telemetry from sensors.
This Cyber News was published on www.darkreading.com. Publication date: Wed, 02 Oct 2024 05:25:51 +0000