Dr.Siv Hilde Houmb, Founder & CTOWith the number of malware threats emerging daily going above the millionth mark, cybersecurity needs across industries have reached an all-time high. While cloud-based and software-ample IT infrastructure can remain unburdened with daily maintenance or background updates, industrial areas with heavy machinery and ongoing mission-critical operations such as production plants and oil rigs simply cannot afford that risk. Even a light network update or single parameter anomaly could quickly become the mainspring to a complete operational shutdown, which is a high price to pay.
This is where Secure-NOK comes in—providing state-of-the-art cybersecurity tools and solutions specifically tailored for industrial purposes. “We enable industrial companies to automate their threat monitoring and detection processes and protect critical infrastructure while focusing on their day-to-day operations carefree,” asserts Siv Hilde Houmb (PhD), founder and CTO, Secure- NOK. A seasoned industry expert in cybersecurity for critical information systems, Dr. Houmb is cognizant about the unique set of requirements that an industrial cybersecurity solution should entail in order for it to be widely accepted in the industry.
“What industrial companies truly need is a system that should basically never change once it is installed,” she claims. Ideally, a system like that should be as stable as possible, deterministic, and non-intrusive, with a minimal footprint, low-maintenance, and preferably no frequent updates. These characteristics are essentially a spec run-down of SNOK, Secure-NOK’s cybersecurity monitoring and detection system designed bottom-up for industrial networks and control systems. Through an exclusive partnership with Siemens, SNOK is bundled with the global manufacturer’s industrial hardware right out of the box.
The two-fold solution features SNOK industrial tailored Host Based IDS on one end, which monitors the control systems and also supports a wide range of PLCs, HMIs, industrial workstations, servers, controllers, and smart sensors. On the other end, there is SNOK Network IDS, which monitors all network activities on an industrial network. The underlying automatic threat detection singles out any and all suspicious behavior to detect threats on all operational levels, from anomalies in parameters down to unusual CPU usage. Through machine learning, the software analyzes various attack patterns and has the unparalleled ability to counter both known and unknown malware before they even become a threat. If the system does get alerted, it produces a color-coded risk severity report that is also adjusted to color blindness. All alerts are instantly displayed on one central dashboard in an easy-to-use and customizable UI.
According to Dr. Houmb, “this eliminates the need for cybersecurity personnel to be present at the operational site. Whatever alert comes out of the system, SNOK makes it actionable for an operational person, as well.”
We monitor and detect all the possible cybersecurity threats to your control system and tell you exactly how to go about them
SNOK is built for the industrial asset owner. “It is your eyes and ears in your control system that traditionally has been full of blind spots,” she adds. The solution works equally well for older legacy systems, such as Windows XP based solutions, as it does for current versions.
When SNOK was put to the test on a nuclear power plant replica system, the customer could see for themselves the unique visibility it provided to their system. SNOK was installed without interrupting the industrial process, and in real time, typical hacks such as connecting a new device, DoS attack and port scans were detected and alerted to the user. Next, attacks targeting the nuclear process PLCs were executed. These ranged from noisy brute force attacks to typical “under the radar” subtle configuration changes by a perpetrator with access to valid credentials.
The capabilities of SNOK are currently being assessed in the NIST Engineering Laboratory as a partner in the ‘Capability Assessment for Securing Manufacturing Industrial Control Systems’ carried out by the NIST National Cybersecurity Center of Excellence (NCCoE). The objective is to demonstrate behavioral anomaly detection and prevention mechanisms to the manufacturing industry, to support a multifaceted approach of counteracting cyberattacks against manufacturing processes.
In a nutshell, “we monitor and detect all the possible cybersecurity threats to your control system and tell you exactly how to go about them,” explicates Houmb. Over the years, Secure-NOK has helped many of its clients protect critical infrastructure by providing them with purpose-built, resilient, cybersecurity solutions to future-proof their business. It is exactly such disruptive thinking and innovative approach to addressing critical pain points within the industrial space that positions Secure-NOK ahead of the competition for the years to come.