Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

Siemens, PAS Partner on Industrial Cybersecurity

Engineering giant Siemens and PAS, a company that specializes in cyber security solutions for industrial control systems (ICS), announced on Tuesday a new strategic partnership.

Engineering giant Siemens and PAS, a company that specializes in cyber security solutions for industrial control systems (ICS), announced on Tuesday a new strategic partnership.

The goal of the partnership is to provide organizations the capabilities needed to identify and inventory assets, including distributed and legacy control systems, and provide visibility for detecting cyber threats and unauthorized engineering changes in multi-vendor environments.Siemens and PAS partnership

The solutions offered as a result of the partnership can be ideal for fleet-wide monitoring in the oil and gas sector, which is largely unprepared to address cybersecurity risks in operational technology (OT) environments.

Eddie Habibi, founder and CEO of PAS, pointed out that security personnel in energy and oil & gas facilities is in many cases “blind” to the configuration state of most of their cyber assets.

“Siemens chose to help address this gap with our Cyber Integrity software, which provides customers with the context they need to drive targeted security responses to incidents and ultimately to harden systems that were designed, built, and deployed before cybersecurity was a design consideration,” Habibi told SecurityWeek. “Siemens understands that any managed security service that is going to reduce risk in any meaningful way must include all critical vendor assets.”

Leo Simonovich, Vice President of Global Cyber Security at Siemens, noted that the company had previously partnered with Darktrace for network intrusion detection and it has now selected PAS for its ability to provide configuration visibility into proprietary industrial control systems.

“These are the systems that have direct responsibility for controlling volatile processes and ensuring safety in an industrial facility. Most companies lack sufficient visibility into these critical endpoints,” Simonovich said. “With PAS, we aim to lift that veil and raise the security posture of our customers through visibility into proprietary assets and deep analytics for indicators of compromise.”

Siemens’ products are available as standalone services or part of the company’s comprehensive managed security offering, depending on the customer’s needs and maturity. PAS also provides comprehensive security services, but the company’s integrity, inventory and configuration management solutions can be acquired separately by organizations that have their own security operations centers (SOCs).

“Chief Information Security Officers with whom we speak want to leverage existing investments to reduce security risk,” explained Habibi. “Where PAS has an install base, Siemens is a natural add-on service that helps CISO’s gain actionable intelligence on systems that frankly are the lifeblood of critical infrastructure industries. Likewise, existing Siemens customers who will have other vendor systems in place, will have the ability to bring these systems under one security monitoring umbrella. This is unprecedented.”

Related: Learn More at SecurityWeek’s 2017 ICS Cyber Security Conference

Related: Schneider Electric, Claroty Partner on Industrial Network Security

Related: CrowdStrike, Dragos Partner on ICS Security Services

Related: Veteran Industrial Cybersecurity Firm PAS Raises $40 Million

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

ICS/OT

Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.