Onclave cybersecurity guards OT, IoT endpoints in critical infrastructure
In an effort to prevent cyberattacks and the risk of data breaches to critical infrastructure, Onclave Networks Inc., a global cybersecurity expert specializing in securing OT/IoT devices and systems, notes that its TrustedPlatform secures OT and IoT endpoints, eliminating the attack surface most vulnerable to malware. Further, the company says it views the adoption of Zero Trust guidelines as essential for protecting critical infrastructure.
"Attackers are more sophisticated than ever," says Don Stroberg, CEO of Onclave. "Operational technology is too complex and diverse to protect with a passive approach or a continued reliance on IT security solutions. It also means a near-infinite number of attack vectors to exploit. Our platform is purpose-built to secure OT/IoT systems and is based on Zero Trust principles. Our solution greatly reduces the number of potential attack surfaces, and is the ideal choice for mitigating the risk of breaches to OT/IoT networks."
Critical infrastructure and healthcare facilities are particularly vulnerable targets, observes Onclave. As an example, power plants, refineries, and hospitals can have tens of thousands of non-IT devices. A complex network of devices means a potentially innumerable number of vulnerable endpoints that can be exploited, increasing the risk and cost when it comes to ensuring the protection and integrity of the network.
Onclave recommends that businesses across industries should adopt a Zero Trust framework; meaning that trust is verified at each endpoint before access is granted to any device, system or user. "This is the core principle of the Onclave TrustedPlatform. Our unique solution continuously reassesses trust to ensure the integrity of your network," Stroberg says.
Notably, as cited by Onclave, according to industry data:
- Cyberattacks are up 92% and the average data breach now costs $3.86M to resolve (though some businesses report costs in the tens of millions).
- Since COVID-19, the FBI reports on average 4,000 cyberattacks a day (A 400% increase).
- Interpol reports "an alarming rate of cyberattacks aimed at major corporations, governments, and critical infrastructure."
- Ransomware attacks are up 800%.
The National Security Agency (NSA) recently released the Cybersecurity Advisory, "Stop Malicious Cyber Activity Against Connected Operational Technology", for National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) operational technology (OT) owners and operators.
In the memo, the NSA stated, "While there are very real needs for connectivity and automating processes, operational technologies and control systems are inherently at risk when connected to enterprise IT systems. Seriously consider the risk, benefits, and cost before connecting (or continuing to connect) enterprise IT and OT networks."
Further, Onclave notes that the National Institute of Standards and Technology (NIST) recently published its Zero Trust Architecture (SP 800 - 207) for organizations to adopt the Zero Trust principles. It requires strong authentication and continuous monitoring for any anomalous behavior before access is given. This includes visibility as well as controlled communications between remote users, devices, applications, workloads, data centers and public cloud environments.
Onclave says its technology aligns with both NIST and NSA recommended guidelines. The Onclave TrustedPlatform creates cryptographically separate OT networks while still allowing them to share the IT infrastructure. Onclave also supports Zero Trust principles by moving away from "trust, then verify" to "never trust, verify first," providing continuous monitoring and offering the capability to isolate and contain threats.
"We are pioneers in developing a proven solution that immediately protects trusted OT/IoT systems and devices - significantly improving your enterprise's overall network security and making it most resilient," Stroberg concludes.
To learn more, visit www.onclavenetworks.com.