Título

APPLYING NETWORK DETECTION AND RESPONSE (NDR) IN INDUSTRY ENVIRONMENT: AN INNOVATIVE APPROACH AGAINST CYBER SECURITY THREATS

APPLYING NETWORK DETECTION AND RESPONSE (NDR) IN INDUSTRY ENVIRONMENT: AN INNOVATIVE APPROACH AGAINST CYBER SECURITY THREATS

Autoria

Baioco, Gleison

Baioco, Gleison

Eu sou esse autor

DOI

10.5151/2594-5335-40343

Downloads

Resumo

CYBER THREATS ARE GROWING MORE AND MORE. WITH THE ADVENT OF DIGITAL TRANSFORMATION, INDUSTRIAL ENVIRONMENTS HAVE MOVED FROM AN ISOLATED SCENARIO AND HAVE BEEN INCREASINGLY CONNECTED WITH NEW TECHNOLOGIES, WHICH EXPOSES SUCH ENVIRONMENTS TO MAJOR THREATS. CONSIDERING THE CRITICALITY OF THESE ENVIRONMENTS, THE IMPACTS CAN RANGE FROM OPERATIONAL COSTS TO CATASTROPHES IN HEALTH AND SAFETY (E.G. EXPLOSION OF A POWER PLANT). THEREFORE, IT BECOMES NECESSARY TO ADOPT INNOVATIVE SOLUTIONS CAPABLE OF COMBATING INCREASINGLY ADVANCED THREATS, ESPECIALLY CONSIDERING THE PARTICULARITIES OF AN INDUSTRIAL ENVIRONMENT (HIGHLY LEGACY SYSTEMS, DESIGNED WITHOUT SECURITY CRITERIA, WITH HIGHLY PROPRIETARY PROTOCOLS). THE MAIN OBJECTIVE OF THIS SOLUTION IS TO CONTINUOUSLY MONITOR THE AUTOMATION ENVIRONMENT TO DETECT CYBERSECURITY THREATS AS WELL AS ANOMALOUS BEHAVIOR AND RESPOND TO THESE THREATS THROUGH NATIVE FEATURES OR BY INTEGRATING WITH OTHER CYBERSECURITY TOOLS. IN ADDITION, THE SOLUTION ALLOWS ASSET MANAGEMENT BY INVENTORYING ALL DEVICES CONNECTED TO THE NETWORK (INCLUDING PLC ETC). FINALLY, THE SOLUTION PROVIDES VULNERABILITY MANAGEMENT REPORTING THE WEAKNESSES OF EACH ASSET INVENTORIED. THE SOLUTION ADOPTED IS RECENT IN THE MARKET AND A PIONEER IN THE ARCELORMITTAL GROUP, REINFORCING THE ROLE OF ARCELORMITTAL FLAT CARBON LATIN AMERICA AT THE FOREFRONT OF TECHNOLOGICAL SOLUTIONS.

Cyber threats are growing more and more. With the advent of digital transformation, industrial environments have moved from an isolated scenario and have been increasingly connected with new technologies, which exposes such environments to major threats. Considering the criticality of these environments, the impacts can range from operational costs to catastrophes in health and safety (e.g. explosion of a power plant). Therefore, it becomes necessary to adopt innovative solutions capable of combating increasingly advanced threats, especially considering the particularities of an industrial environment (highly legacy systems, designed without security criteria, with highly proprietary protocols). The main objective of this solution is to continuously monitor the Automation environment to detect cybersecurity threats as well as anomalous behavior and respond to these threats through native features or by integrating with other cybersecurity tools. In addition, the solution allows asset management by inventorying all devices connected to the network (including PLC etc). Finally, the solution provides vulnerability management reporting the weaknesses of each asset inventoried. The solution adopted is recent in the market and a pioneer in the ArcelorMittal group, reinforcing the role of ArcelorMittal Flat Carbon Latin America at the forefront of technological solutions.

Palavras-chave

NDR; ANOMALY DETECTION; PROCESS AUTOMATION; CYBER SECURITY

NDR; ANOMALY DETECTION; PROCESS AUTOMATION; CYBER SECURITY