Big news! The community will be moving to a new platform April 21. Read more.
Big news! The community will be moving to a new platform April 21. Read more.

The Industrial Cybersecurity Challenge: Meet ArcSight together with Dragos

Micro Focus Contributor
Micro Focus Contributor
2 0 3,768

Today’s sophisticated Operations Technology (OT) environment has a large attack surface with numerous attack vectors. Imagine one oil rig has over 30,000 sensors with multiple OT/IoT/IIoT vendors.  Without complete coverage, the likelihood of getting attacked is not a matter of ‘if’; it’s a matter of ‘when’.

The Industrial Cyber Security Challenge Meet ArcSight together with Dragos.png

For Security and SOC teams, network monitoring is not enough. You need the ability to access the details that provide in-depth visibility into the industrial control system (ICS) environment. Without it, you can only hope your industrial control devices have not been compromised by unauthorized activities or external threats. In these environments, substantial amounts of data reside on a variety of different devices. Much of that data does not traverse the network.

Critical asset inventory information, like records of user log-ins and controller firmware versions, as well as changes to devices made via direct connections, don’t typically present themselves in network traffic. If network monitoring missed an attack on a device, it could remain infected for days, weeks, or months without detection. In fact, network monitoring only provides operators with ~50% visibility and coverage across the OT environment. 

Visibility is key to providing your team the information needed to fight the sophisticated attacks in ICS. That’s why I am excited about ArcSight’s new partnership with Dragos. Dragos and ArcSight work together to provide increased visibility and improved correlation of cyber events. This partnership helps customers evaluate and make better informed decisions when classifying events and if actions are required.

Dragos’ newly announced integration with ArcSight provides three key benefits:

  1. Comprehensive Visualization for OT/IoT/IIoT Assets and Anomalies
  2. Rapidly Identify and Pinpoint Threats
  3. Confidently Investigate and Respond to Threats

We cannot control what we cannot see. ArcSight together with Dragos is able to meet the challenges of the Industrial Control System and be a force multiplier to the frontline ICS defenders providing cyber resilience to the world’s industrial infrastructure. And it all starts with one click at the Micro Focus Marketplace, where you can learn more about the Dragos + ArcSight partnership, access the integration guide, and improve your security team’s visibility into OT threats today!

DragosArcSightIntegration.png

More information:

Have technical questions about Security Operations? Visit the ArcSight User Discussion Forum. Keep up with the latest Tips & Info about Security Operations. Do you have an Idea or Product Enhancement Request about ArcSight? Submit it in the Idea Exchange. We’d love to hear your thoughts on this blog. Log in or register to comment below.

Tags (4)
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.