Posted by Dr. Edward G. Amoroso
Former SVP and CSO of AT&T
Current CEO of TAG Cyber, LLC
September 09, 2016
by Evan Birkhead
VP Marketing, Bayshore Networks
IIC blog - Launching the Effort
IIC white paper - The Business Viewpoint of Securing the Industrial Internet
IIC security framework - The Industrial Internet Reference Architecture
Part of the Industrial Internet Consortium’s (IIC’s) mission is to bring together different viewpoints to share information and find common ground for progress. Frankly, we haven’t encountered a topic more polarizing than cybersecurity. But we believe that understanding the different business and technical drivers behind OT and IT are essential to creating a best practices security framework that will benefit industrial enterprises.
August 03, 2016
Bayshore’s IT/OT Gateway converts threat intel research into security policy that helps defend against headline-making attacks such as Black Energy, IronGate, and StuxNet
LAS VEGAS, BLACK HAT, AUGUST 3, 2016 – Bayshore Networks®, Inc., a provider of technology that safely and securely enables the Industrial Internet, today announced that its Bayshore IT/OT Gateway™ has the capability to help protect industrial enterprises against headline-making malware attacks such as BlackEnergy, IronGate, and StuxNet, among others.
“Bayshore provides two specific advantages in detecting ICS/SCADA malware - logic-rich policy-based security and extremely deep inspection of industrial application traffic, including embedded content,” explained Andres Andreu, Bayshore Networks VP, Engineering. “Once our IT/OT Gateway knows the pattern of any attack, we can deliver protection against that to our customers as policy. Then our deep content inspection capabilities enable us to detect malware moving across a network.”
Bayshore’s policy-based approach distinguishes it from the white listing approach used by IT security solutions such as IDS and firewalls. Bayshore builds security policy from multiple sources, including internal research, customer (proprietary) created rules, and external trusted sources including ICS-CERT, OWASP, Stix/Taxii, and leading defense threat intel vendors and service providers.
“On-premises security devices which work well on the IT side are not cost-effective and don’t provide policy management down to the data level necessary in OT environments, “ said Christina Richmond, Program Director, Security Services, at IDC. “These devices can protect the PLCs (Programmable Logic Controllers), but do not provide insight or management down to the robots, conveyors, and power-generation equipment level.”(1)
Bayshore’s cloud-based software, called the Bayshore IT/OT Gateway, provides IT departments with visibility into OT infrastructure, networks, applications, machines and operational processes. OT networks are undergoing transformation and require services traditionally available only for IT networks, such as secure remote access, malware protection and analytics. Bayshore delivers immediate value by preventing OT process disruptions and enhancing operational efficiency and business continuity.
Andreu cautioned that there is no silver-bullet security solution and that close collaboration between OT operations managers and IT security executives is critical to addressing emerging cyber security threats on industrial networks. He encouraged industrial enterprise and OT security directors to implement security best practices across their infrastructure and throughout their organizations and to work in conjunction with trusted entities to address immediate vulnerabilities.
June 02, 2016
Bayshore Blog Post: From the VMware Blog
From Bask Iyer at VMware: VMware introduces Liota - An IoT developer's dream
May 23, 2016
May 10, 2016
Bayshore Blog Post: Wall Street Journal
May 06, 2016
Bayshore Blog Post: Financial Times
April 26, 2016
Bayshore Blog Post: Yahoo Finance