Intelligent CIO Europe Issue 61 - Page 79

t cht lk

t cht lk

Mohamed Ibrahim , Business Development Director for OT Cybersecurity at Trend Micro MEA
technologists and security experts excel in discovering vulnerabilities and threats worldwide and can patch them to our customers with our solution .
One of the key factors is that we have to assess our network and discover vulnerabilities to know where the hotspots are . This can be accomplished with many solutions at TXOne , including portable security . For example , we have a USB drive that can be easily carried everywhere as it is a widely used tool .
I want to talk about a couple of things – let ’ s divide these into the network and endpoint . The network part works differently as it needs a lot of focus as we need to segment the network to understand who is talking to whom and which protocol has full visibility on the communication between assets and devices inside the infrastructure . Whereas the endpoint part focuses on how we can secure servers and the machines running our applications like the SCADA systems , HMIs and other devices – this is where the challenge comes in . This is very challenging , especially if running in an air-gapped environment or with other facilities that don ’ t have connectivity . TXOne can provide the muchneeded solution for such challenges .
Flash drives are commonly used to transfer data in an air-gapped environment , but this often creates a risk of insider threat . What would be your best practice advice on secure file transfer ?
This is a common point of discussion in the OT community as the air-gapped environment is something that will vanish with time as digitalisation accelerates . However , until this happens , we are still
stuck and need to find a solution . One of the things that TXOne is adding value to is using one of our applications , ‘ whitelisting ’ that we can run on specific endpoints , enabling us to lock down the machine against any threats that can compromise it or anyone who can inject and infect the machines with viruses by using USB ports or IOs . In air-gapped environments , once those machines are locked down , there is no need to patch them anymore , as they will not execute any files other than the whitelist .
The second part is a portable security solution that despite being small in nature , is very effective . It is a USB stick ( no installation required ) that can scan machines presented in remote locations with no connectivity and can be used to ensure that the machines are secure and don ’ t have any viruses or malware running on them , guaranteeing we can collect all the data needed on those air-gapped zones .
I use one of those tools and carry it everywhere in my pocket . You ’ d be surprised that whenever anyone connects any device to my infrastructure , I can plug this into the device to ensure there are no malware or infections on the machine . Once I get a green light , I unplug and allow them in . Customers use this prevalent use case in air-gapped environments as the individual can ’ t install any agent on any machines . He can ensure that whoever connects to his infrastructure is clean and doesn ’ t harm his investments or devices .
TXOne ’ s portable security inspection tool , TMPS 3 , has been widely adopted by global industry leaders in transportation , pharmaceuticals and other industry verticals where OT leaders wanted more reliable file transfers between standalone systems in work facilities . p
www . intelligentcio . com INTELLIGENTCIO EUROPE 79