The Chertoff Group and Dragos providing risk management for industrial organizations

The Chertoff Group and Dragos announced the formation of a unique alliance that will provide a holistic approach to cybersecurity risk management for industrial organizations seeking to protect critical infrastructure environments from today’s constantly evolving cyber threats.

The Chertoff Group is combining its policy intelligence, technology expertise and vast experience communicating threats to executives with Dragos’ industrial control system (ICS) expertise and best-in-class asset identification, threat detection and response platform.

This alliance between two of the world’s premier risk management firms is grounded in the belief that effective security must be a comprehensive and continual process that transitions operational “bottom-up findings” into an actionable “top-down” strategy, starting at the board and C-suite level.

In fact, this partnership has already successfully concluded several engagements with clients in a variety of sectors, including transportation, power & electric and mining.

“As we usher in 21st century transportation solutions represented by high-speed rail, we believe that the safety of our future passengers is paramount,” said The Chertoff Group-Dragos customer Lori Willox, chief financial officer of Texas Central Railway.

“We are excited about the Chertoff–Dragos partnership that helps us ensure best-in-class safety and security in our systems through a converged OT/IT cyber risk management assessment.”

As information technology systems become increasingly integrated into industrial environments, organizations across the critical infrastructure spectrum, especially those dependent on ICS, are facing threats from ever more sophisticated adversaries intent on causing devastating operational, financial and even physical harm.

While information technology (IT) systems and operational technology (OT) systems convergence enables efficiencies and business growth, it also expands the attack surface, leaving the vast majority of security teams to defend their most critical assets from new cyber threat vectors.

The Chertoff Group, a global security risk management advisory firm established in 2009 by former U.S. Department of Homeland Security Secretary Michael Chertoff, with extensive experience, knowledge and a proven record of protecting critical infrastructure, and Dragos a leading industrial cybersecurity company that has honed an approach specifically designed to secure operational technology, have established this partnership to meet this growing security imperative and support industrial organizations with the necessary threat awareness, expert analysis and actionable recommendations to better protect critical assets across both IT and OT environments.

“I believe we [The Chertoff Group and Dragos] are filling a great void in today’s risk management landscape by giving high profile and highly targeted industrial organizations a one-stop shop for truly understanding their risk profile along with specific risk-based recommendations and actions that can be taken to improve risk mitigation, threat detection and incident response but to also trust that their investments are working,” said Michael Chertoff, executive chairman and co-founder of The Chertoff Group.

Together, The Chertoff Group and Dragos are uniquely positioned to test and communicate real world risk to organizational leadership across the critical infrastructure system.

Using a threat-oriented and consequence-driven methodology, the Chertoff-Dragos team ultimately helps organizational leadership move beyond mere compliance to better secure their ICS operations with threat-driven strategic guidance on how to structure and build effective risk-based cybersecurity programs.

The Chertoff-Dragos joint offering addresses the full spectrum of risk management needs across industrial organizations — from a “bottom-up” threat-oriented view of how attackers could target and exploit ICS systems such as communication networks, power systems, or (SCADA) systems, to a “top-down” picture of the organization’s inherent risk landscape.

Complementing this unique approach, the Chertoff-Dragos team can clearly communicate risk management to all levels of an organization – from C-suite leaders to first-line operators.

“We are pleased to team with The Chertoff Group to provide industrial organizations with both the strategic and technical means to protect their networks from increasingly active adversaries,” said Robert M. Lee, CEO and co-founder of Dragos.

“From the plant floor to the board room, organizations understand it is critically important to protect their assets and ensure uninterrupted operations. The combination of The Chertoff Group and Dragos brings vast expertise and experience to help clients build a solid and resilient cyber security foundation.”

Don't miss