Energy Industry Threatened by New Hazard

Energy Industry Threatened by New Hazard

Photo US Coast Guard

This post is also available in: heעברית (Hebrew)

The energy industry needs more advanced security tools to help thwart threats to its increasingly connected infrastructure. With the industrial “internet of things” taking off, more utilities and critical infrastructures are getting connected to the web, generating massive amounts of data that could be of interest to state-sponsored hackers and cybercriminals. Energy infrastructure would be a tempting target for any country interested in causing damage to one of its rivals, and energy firms are equally wary of criminal threats such as ransomware.

The problem is that current economics of storing and processing enterprise security data have made it nearly impossible to compete against cybercrime.

A new security intelligence technology stores and analyzes security data. It enables organizations to extract signals from their security telemetry to find threats instantly and detect and investigate potential cyber threats.

Siemens is teaming up with Alphabet’s Chronicle subsidiary to secure systems in the energy infrastructure industry. Chronicle’s Backstory platform is a cloud service running on Google’s infrastructure that allows companies to upload, store and analyze security telemetry to detect and investigate potential threats, all from a unified dashboard. Security telemetry, in this case, includes high-volume data such as domain name system traffic, netflow, endpoint logs, proxy logs and other measurable data.

Security telemetry can be uploaded to the platform so that it can be indexed and automatically analyzed by the new analytics engine. The data remains private  —  it isn’t scanned by or available to anyone for other purposes.

Backstory compares the organization’s network activity against a continuous stream of threat intelligence signals to detect potential threats instantly. It also continuously compares any new piece of information against the company’s historical activity, to alert on any historical access to known-bad web domains, malware-infected files, and other threats, according to medium.com.

The technology will provide more visibility into energy company’s information technology systems, the companies said. Siemens will combine the platform with its own cybersecurity tools. Siemens said it will integrate Backstory into its managed services offering for industrial cyber monitoring, which covers both hybrid and public cloud environments, according to siliconangle.com.