Zero Trust Security Moves from Defense to Industry

March 17, 2023
Developed for military/defense applications, the Mission Secure cybersecurity platform aims to reduce access and, therefore, risk to industrial operations technologies.

The concept of zero trust security is gaining more adherents in the industrial technology space. As  Jens Meggers, executive chairman of cybersecurity software supplier Mission Secure says, “You should assume bad guys will get in, so your focus should be on limiting what they can access.”

And that’s the focus of Mission Secure’s new Sentinel 5.0 platform, which is designed to provide context-aware cybersecurity policy monitoring and enforcement for industrial operations technology (OT) systems.

“Zero trust architectures are the most powerful and practical way to increase safety and reduce risk for industrial cyber-physical processes” says Meggers. “Sentinel 5.0 allows granular implementation of access policies from the physical signal all the way to the cloud. It’s whitelisting on steroids.”

If you’re not familiar with the zero-trust cybersecurity concept, it is a well-known IT cybersecurity principle that essentially eliminates implicit trust to access systems inside a network perimeter by validating every stage of digital interaction continuously.

Without zero trust architectures, Meggers says industrial operators often rely on disjointed collections of tools, such as firewalls, intrusion detection systems, and endpoint vulnerability scanning. Such combinations of cybersecurity technologies, however, do not fully provide the ability to manage and secure industrial operating environments, he adds.

Find out what industrial end use and system integrators think about defense-in-depth cybersecurity.

Policy instantiation and monitoring

The Sentinel 5.0 platform allows operators to define and enforce granular policies based on inputs such as network traffic, attempted remote access, asset firmware versions and vulnerabilities, as well as the digital and/or analog signals generated by physical devices.

Mission Secure’s technology operates at network level to discover and classify assets and find out who’s accessing what and why and then restricting access as needed, explains Meggers, who noted that the company’s technology began in the defense indystry before expanding into industrial applications.

The company’s technology extends beyond software to include network and signal integrity sensors. The network sensors can be deployed throughout the OT network, as either passive monitoring stations or inline policy enforcement points. The signal integrity sensors monitor analog and digital signals at network levels 0 and 1 to detect changes that may indicate a fault or compromise.

Meggers says the signal integrity sensors should be placed in an operations’ “most sensitive areas to read direct sensors, not controllers.”

“Users can plug in real or virtual sensors at the switch level to listen in on network traffic activity to know who’s talking to what and to find machines, control systems, and cloud access,” Meggers adds. “The dashboard allows you to drill down into details around all network activity. Once you know what to expect [as normal network activity], you can then install the guard rails with a whitelisting approach to start. For example, start by identifying which protocol specifics are allowed, then you can generate a list to see what activities on your network falls outside of your whitelist activity.”

Standard capabilities of the platform include passive monitoring, asset discovery, and alerting. Specific to its zero trust capabilities, the platform’s policy engine enables:

  • Creation of access control policies to define the conditions under which users or applications can send commands to an industrial device.
  • Identifying firmware state and vulnerabilities and limiting access to only fully patched systems.
  • Alerting and acting on anomalies in physical signals, and isolating systems that show abnormal behavior.
  • Supporting root cause analysis by correlating network events with sensor outputs.

Industrial cybersecurity partners

Mission Secure also partners with other industrial cybersecurity technology suppliers such as Verve Industrial and Claroty.

With Claroty, Mission Secure integrates Claroty’s collection of a user’s asset inventory and vulnerabilities, customized risk scoring, threat detection, and network communication mapping with its OT policy enforcement engine to create and enforce policies based on hundreds of possible inputs.

Working with Verve Industrial, a supplier of IT/OT asset inventory and vulnerability software, Mission Secure goes “beyond perimeter detection to protect the most vulnerable and critical OT assets at the endpoint level,” says John Livingston, Verve CEO. Verve’s software integrates IT and OT data to build asset profiles for effective risk prioritization. In its closed-loop platform, users can reduce the time typically needed from analysis to remediation with the ability to act within Verve’s software platform.

Companies in this Article

Sponsored Recommendations

C2-08DR-4VC

CLICK PLUS discrete/analog combo module, Analog Input: 2-channel, current/voltage, Analog Output: 2-channel, current/voltage, Discrete Input: 4-point, sinking/sourcing, Discrete...

MSD-SLC16G

CLICK industrial memory card, 16GB microSD. For use with all products with microSD memory card slot.

C0-12DRE-D

CLICK Ethernet Analog PLC, 24 VDC required, Ethernet and serial ports, Discrete Input: 4-point, DC, Analog Input: 2-channel, current/voltage, Discrete Output: 4-point, relay, ...

C2-FILL

CLICK PLUS option slot cover.