Last year, we successfully automated our asset inventory. EOS now has real-time visibility into all Operational Technology (OT) environments with ongoing monitoring of the exposure to risks and predictive warnings, including visibility into external remote network connections.
As a Product and Operational Cyber Security Officer at EOS, it is my duty to protect our business values, tailored down to our business strategy. Through our cooperation with SCADAfence (https://www.scadafence.com/), I am happy to share my experience in intrusion detection and prevention with you.
After connecting the EOS manufacturing production environments to the Internet and adopting different cloud services, new security risks had emerged for our OT networks. We wanted improved visibility into our OT environments to prevent cyber attacks in the manufacturing industry. Therefore, the EOS security team needed to increase its visibility and management of OT assets and networks to improve the production and security of the company. Additionally, EOS needed to monitor and manage the remote connections of its OT networks for suspicious behavior and anomalies to immediately understand if there were any intrusions or malicious activities in its networks.
After deploying the SCADAfence Platform in our production environment, we see all the devices within our networks and have real-time visibility into the OT environments, thus securing the compliance processes and the manufacturing sites. This has allowed us to be more efficient, productive and secure with OT environments. With SCADAfence and their integration with Rapid, we have complete visibility into our production environments all in one dashboard. In minutes, we had a complete overview of what's happening in our OT networks and industrial assets. Now, we are tracking the SCADAfence Platform as part of our daily work routine.
In addition, the EOS security team now has interactive network maps that allow us to explore and get a better understanding of the remote connections between our OT assets and networks. The network maps and diagrams from further improve the anomaly detection. The maps show which behaviors are happening on the network and, if there are suspicious behaviors, where the attack vectors are located in the manufacturing equipment.
Sometime after the SCADAfence Platform was implemented in the production environment, EOS was targeted by cyber attackers who attempted a ransomware attack on our systems. The SCADAfence Platform quickly alerted us to the attempted attack and provided in-depth details of which machines were being targeted. It also provided deep insights into the attackers’ exploitation methods. This allowed EOS’s security team to immediately respond to the incoming threat before the cybercriminals could materialize the ransomware attack. The quick remediation of the attack resulted in no downtime in production and enhanced the security of the complex OT environments.