Skybox Security’s network modeling mitigates critical infrastructure security risks

Skybox Security announced new vulnerability management capabilities for operational technology (OT) environments. Available now, the new Skybox Security Posture Management Platform capabilities eliminate cyber exposure across the entire enterprise environment, including IT, hybrid, multi-cloud, and now OT assets.

“There is no single solution that will stop cyberattacks, and OT environments are particularly vulnerable. IT/OT convergence demands flexible and vendor-agnostic attack surface modeling to reduce critical cybersecurity risks,” said Haggai Polak, chief product officer, Skybox Security. “Our mission is to ensure cybersecurity matures at the speed of digital transformation. As a result, our product capabilities and future roadmap are focused on extending our network model to ingest data from transformative technologies and model entire network environments.”

As unprecedented cyberattacks on critical infrastructure and supply chains continue to accelerate, a Skybox Security 2021 research study found that 83% of organizations with OT infrastructure suffered security breaches. With OT exposure at an all-time high, Skybox Security eliminates exposure across these environments with new network modeling advancements.

A new path forward for breach prevention

Skybox Security provides visibility and context across the IT/OT attack continuum, empowering NetOps, SecOps, and ITOps teams to collectively achieve better, faster security decisions. Skybox merges, normalizes, and centralizes data from OT, IT, hybrid, and multi-cloud networks into a standard reference model for infrastructure, asset, and vulnerability data, and integrations enhance the Skybox network model by extending the platform’s capabilities to ingest new vulnerability and asset information aggregated across customers’ security toolkits and tech stacks.

Network model enables accurate path analysis

Organizations with OT environments can leverage the model to analyze the efficacy and consistency of their security controls, determine access compliance with network segmentation requirements, validate configurations and changes, and identify and precisely measure their exposure to potential cyberattacks.

With a complete view of the attack surface, teams can leverage the network model to conduct path analysis to map all possible network paths – from source to destination – where packets can traverse across hybrid environments. With this complete view of the attack surface, organizations with OT assets can understand where they are truly exposed, if proper network segmentation is in place, and whether compliance gaps exist.

Prescriptive remediation beyond patching

New Skybox Security OT vulnerability management capabilities provide customers with the most efficient and effective remediation options available in the industry. In OT environments, patching is often not an option. Skybox delivers insights to enable robust remediation options beyond patching, including recommendations to:

• Apply IPS signatures
• Add/modify access rules
• Adjust network segmentation to block attack paths
• Update and optimize firewall and security device policies/rules
• Update and optimize networking device configurations

Network model expands across OT networks

New integrations with Nozomi Networks and Siemens’ RUGGEDCOM products expand Skybox Security’s ability to identify exploitable vulnerabilities and correlate them with an organization’s unique network configurations and security controls to determine where cyberattacks pose the highest risk. The ability to verify compliance while prioritizing the most dangerous vulnerabilities reduces downtime and improves security efficacy.

Skybox Security builds on its integration partnerships for deeper visibility into OT environments, including Claroty, Forescout eyeInspect, and Microsoft CyberX. Customer benefits include:

• Advances vulnerability management and remediation options in OT networks with reduced downtime
• Validates compliance with security regulations and industry frameworks
• Isolates cyber-physical systems by establishing prescriptive strategies for advanced mitigation

Availability

The Skybox Security Posture Management Platform and new OT integrations are available now.

Skybox Security Chief Revenue Officer Rob Rosiello: “Our customers say that Skybox Security makes them smarter about securing their entire environment. We can no longer think of OT risk separate from the entire enterprise. Securing, equipping, and enabling these assets is absolutely paramount to the success of industry 4.0 and digital transformation initiatives.

“Too often, traditional cybersecurity playbooks approached security in silos – cloud, IT, IoT, OT – and that is a mistake. Not looking holistically across the estate is a missed opportunity and a significant threat to business success. The ideal paradigm for securing IT and OT comprehensively is to have a solution and strategy that pinpoints and prioritizes critical vulnerabilities and can determine the business impact of a breach. That is a significant part of what Skybox brings to our global customers.”

Nozomi Networks Co-founder and Chief Product Officer Andrea Carcano: “With sophisticated cyber threats targeting OT and ICS networks in addition to IT networks and devices, there’s an urgent need for a unified and prioritized view of vulnerabilities across field, process, and control networks as well as operational systems and enterprise IT domains. Nozomi Networks is the leader in OT and IoT cybersecurity as validated by customers in Gartner Peer Insights reviews. Together, with Skybox, our advanced and actionable insights will continue to defend some of the world’s most complex integrated OT/IT environments.”

Claroty Chief Product Officer Grant Geyer: “As industrial control system (ICS) vulnerability discoveries continue to rise, a disciplined approach to vulnerability management is essential for reducing risk in industrial environments. The integration between The Claroty Platform, for which we were named a Leader in The Forrester Wave: Industrial Control Systems (ICS) Security Solutions, Q4 2021, and Skybox Security’s Vulnerability Control solution empowers our mutual customers to pinpoint and remediate the riskiest vulnerabilities in their increasingly complex converged environments.”

Skybox Security Research Lab Threat Intelligence Analyst Ran Abramson: “There’s no doubt that OT exponentially expands the attack surface. We see customers that initially have tens of thousands of vulnerabilities in just one environment. With the Skybox Security network model, we can pinpoint 3-5 assets with exploitable vulnerabilities that are exposed and could cost millions of dollars if compromised.”