NEW YORK–Deloitte will expand its cyber risk platform for end-to-end industrial control systems (ICS) and operational technologies (OT) security with technology enabled by Dragos.
Increased connectivity among industrial facilities, supply chains, customers, and operations brings with it new operational cyber risks and the potential for cyberattacks to have more extensive effects. Many organizations have started to focus on securing ICS and OT, but less so on monitoring emerging cyber threats, Deloitte said. ICS and OT threat-monitoring technology are said to be able to facilitate a better understanding of the vulnerabilities embedded in these systems, thus allowing industrial concerns with such interconnected networks to gauge the likelihood of an event and adequately scenario plan.
Deloitte Risk and Financial Advisory Cyber Risk Services’ end-to-end ICS offering, enabled by Dragos technology, can help organizations manage their cyber risks in the ICS and OT environments by using a combination of cyber security products and services. This combination brings hunting and reconnaissance capabilities that now allow organizations to look beyond internal data to threat documentation found in external databases.
Beyond securing ICS and OT systems, this combination of cyber risk services and technologies can provide a more complete picture of a company’s ICS and OT threat landscape through active monitoring that can better inform scenario planning and response.
“Assessing the cyber risks of our clients’ ICS and OT, we see that many organizations are often unprepared for the magnitude of the impact to operational technology and industrial control systems environments” said Ed Powers, principal, Deloitte & Touche LLP, and US leader for Deloitte Risk and Financial Advisory Cyber Risk Services. “A decision to include OT and ICS as a part of a broader cyber risk management program can improve a company’s understanding of the potential damage resulting from a cyberattack and can bolster the efficacy of its cyber risk mitigation strategy.”
Deloitte has invested in ICS and OT related security services across a number of industries including industrial products and services, chemical and specialty materials, automotive, oil and gas, power and utilities, and life sciences. Such investments are designed to help manage the risk of ICS and OT environments by enabling organizations to monitor and assess threats. Organizations can benefit from a better understanding of threats in this environment, which can then be used to develop and embed cybersecurity strategies into organizational and technology strategy.
“Cyber risk management is increasingly a reputational issue for many organizations,” said Chuck Saia, CEO of Deloitte Risk and Financial Advisory. “Faced with stakeholder expectations, executives are grappling with questions about their preparedness for a cyber incident. They’re wondering if they have the ability to respond and recover. And how it could impact their reputation. To address their cyber posture, many organizations are going on the offensive to add tech-enabled cyber risk management products and services.”
The Dragos platform, Threat Operations Center, and intelligence team form an ecosystem of technology, people, and intelligence to safeguard industrial networks. The Dragos platform is designed for industrial networks and provides visibility into the environment, detection of threats through behavioral analytics, and the automation of workflows including incident response data collection and analysis.
“There have been pockets of excellence around the community in industrial security leading practices. But the world is facing a more connected infrastructure and a more aggressive threat than we’ve seen in years past,” said Robert M. Lee, CEO, Dragos. “Now is an important time to get the solution correct and that’s what the Dragos and Deloitte cooperation represents.”