Onclave’s TrustedPlatformâ„¢ secures OT and IoT endpoints eliminating the attack surface most vulnerable to malware.
Onclave Networks, a global cybersecurity leader specializing in securing OT/IoT devices and systems, views the adoption of Zero Trust guidelines as essential for protecting critical infrastructure.
Recommended ITech News: Navitaire Expands Investment in Cloud With Move of Digital Platform
“Attackers are more sophisticated than ever,” said Don Stroberg, CEO of Onclave. “Operational technology is too complex and diverse to protect with a passive approach or a continued reliance on IT security solutions. It also means a near-infinite number of attack vectors to exploit. Our platform is purpose-built to secure OT/IoT systems and is based on Zero Trust principles. Our solution greatly reduces the number of potential attack surfaces, and is the ideal choice for mitigating the risk of breaches to OT/IoT networks.”
Critical infrastructure and healthcare facilities are particularly vulnerable targets. Power plants, refineries, and hospitals can have tens of thousands of non-IT devices as an example. A complex network of devices means a potentially innumerable number of vulnerable endpoints that can be exploited, increasing the risk and cost when it comes to ensuring the protection and integrity of the network.
Recommended ITech News: Accedian Launches Upgraded Skylight 4X Partner Program to Propel New Services Opportunities
Onclave recommends that businesses across industries should adopt a Zero Trust framework: the idea that trust is verified at each endpoint before access is granted to any device, system or user. “This is the core principle of the Onclave TrustedPlatformâ„¢. Our unique solution continuously reassesses trust to ensure the integrity of your network,” Stroberg said.
According to industry data:
- Cyberattacks are up 92% and the average data breach now costs $3.86M to resolve (though some businesses report costs in the tens of millions).
- Since COVID-19, the FBI reports on average 4,000 cyberattacks a day (A 400% increase).
*Interpol reports “an alarming rate of cyberattacks aimed at major corporations, governments, and critical infrastructure.”
The National Security Agency (NSA) recently released the Cybersecurity Advisory, “Stop Malicious Cyber Activity Against Connected Operational Technology”, for National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) operational technology (OT) owners and operators. In the memo, the NSA stated, “While there are very real needs for connectivity and automating processes, operational technologies and control systems are inherently at risk when connected to enterprise IT systems. Seriously consider the risk, benefits, and cost before connecting (or continuing to connect) enterprise IT and OT networks.”
Recommended ITech News: Trend Micro Launches First and Only SecOps Solution to Slay Open Source Code Bugs
The National Institute of Standards and Technology (NIST) recently published its Zero Trust Architecture (SP 800 – 207) for organizations to adopt the Zero Trust principles. It requires strong authentication and continuous monitoring for any anomalous behavior before access is given. This includes visibility as well as controlled communications between remote users, devices, applications, workloads, data centers and public cloud environments.
Onclave aligns with both NIST and NSA recommended guidelines. The Onclave TrustedPlatformâ„¢ creates cryptographically separate OT networks while still allowing them to share the IT infrastructure. Onclave also supports Zero Trust principles by moving away from “trust, then verify” to “never trust, verify first”, providing continuous monitoring and offering the capability to isolate and contain threats. “We are pioneers in developing a proven solution that immediately protects trusted OT/IoT systems and devices – significantly improving your enterprise’s overall network security and making it most resilient,” Stroberg said.
Recommended ITech News: FieldFLEX Mobile Announces the Release of an SDK for FieldFLEX 12