Malicious actors are always finding unique ways to disrupt organizations and critical infrastructure and OT environments have increasingly become a desirable target for them. The OT networks are being built on relatively outdated operating systems, which in turn can leave the environment vulnerable.
Benny Czarny, CEO & Founder - OPSWAT tells VARINDIA of why it becomes important to protect critical infrastructure and how OPSWAT, as a leading cybersecurity firm, leverages purpose-built technologies to protect OT networks -
Could you tell us more about the company?
I founded OPSWAT twenty years ago in San Francisco. We protect critical infrastructure from cyber threats. Almost every nuclear facility in the United States is using our platform, as well as most of the banks and multiple government and defense agencies – all are on our platform to protect data flow.
Protecting critical infrastructure is essential due to several challenges that these networks face. One of the main challenges is the complexity of these networks, which often consist of both OT and IT systems. For example, in the banking sector, there may be ATMs and private cloud networks, while in manufacturing, there may be robots that are not connected to the internet and an entire supply chain that is automated.
Another challenge is the lack of technologies specifically designed to protect critical infrastructure. Traditional antivirus technology or sandbox solutions are often insufficient to address the unique security needs of critical infrastructure. This creates a significant gap in the security posture of critical infrastructure networks. A third challenge is the lack of training and certification programs focused specifically on critical infrastructure protection.
To address these challenges, our platform offers purpose-built technologies that can identify and prevent potential threats to critical infrastructure networks. We have more than 20 products that leverage Deep CDR to reconstruct and rebuild every file, treating each file as a potential threat.
A solution like OPSWAT’s Neuralyzer that scans networks and devices for vulnerabilities because it understands industrial protocols is critical. OPSWAT also has a MetaDefender USB drive that you can plug into an engineering workstation and scan for vulnerabilities, which is extremely helpful to proactively mitigating threats.
In addition, we provide online training programs for over 100,000 students, with over 50,000 already certified. We have certified over 1000 professionals in India alone.
How do you look at India as a key market for cybersecurity?
India has become the fourth largest economy surpassing the United Kingdom recently, which is very remarkable. India is also investing close to 4% of its GDP on infrastructure. Adding to that, the cybersecurity spend in India is billions of dollars, which makes the country very attractive for investment. We also look at India as a potential engineering hub. Despite having engineering offices in many countries, we see many reasons why we should invest in a R&D unit here.
What would be your go to market strategy?
Our Go-to-Market globally is very channel heavy. It is going to be the same here in India. We are investing in the channel, and have an Academy to train the channel. We have an amazing engineering team, a global support team and we are a proven worldwide channel business. We will keep on investing in tools for the channel.
We have a two-tier distribution model. We have three distributors in India today. Below them there are tier 2 resellers, regional system integrators, Cyber specialists or associated security consultant organizations that we work with. So, we are able to reach into all types of markets where we have primary focus on critical infrastructure at the moment.
What would be the top verticals you will be looking at?
In India, we are focused on BFSI, while also having huge success with Govt. & defence service organizations and we continue to explore them further. The outsourced IT market is also a big focus for us. We are also very successful in critical infrastructure protection for energy, oil and gas sectors.
We are not just another cybersecurity commodity. We are just not another threat intelligence company, or another mobile security endpoint vendor. We are a platform that secures data, transitioning or moving across enterprises and we bring a different solution to the marketplace.
What measures need to be taken by equipment manufacturers to avoid OT vulnerabilities?
OEM suppliers must consider and eliminate potential vulnerabilities and threats within the systems they are building that could ultimately propagate into the rest of the supply chain. To mitigate vulnerabilities, OEMs should implement secure-by-design best practices, such as conducting thorough risk assessments and threat modeling to identify potential vulnerabilities and incorporating security features and protocols into the design. When installing regular updates or critical patches, OEMs can use a security kiosk solution to scan updates before installing them in customer environments to ensure there are no malware threats. Customers of OEMS should also harden their environments with network monitoring and media scanning solutions, as well as implementing firewalls that understand OT protocols.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
