Rani Kehat

Radiflow, a renowned provider of cyber security solutions for industrial automation networks, announced the launch of CIARA, a major new platform offering Cyber Industrial Automated Risk Analysis (CIARA). The solution helps meet emerging best practice around risk modelling and management using the ISA/IEC 62443 series of standards. CIARA is the first fully automated tool for assets data collection, data-driven analysis and transparent risk metrics calculation including risk scoring per zone and business process based on business impact. The new platform is a response to the growing digitisation of the production floor (Industry 4.0) that has led to rising tide of cyber threats - while risk assessment processes remain manual tasks that fail to address the full scope of the issue. Advanced analysis algorithms CIARA is a next-generation Cyber risk platform intended to support the CISO, Operation manager and other risk stakeholders that act to reduce cyber risk in Industry 4.0 environments using advanced analysis algorithms to automate and manage the entire cyber security risk life cycle. Threat landscape is changing continuously which means a yearly risk assessment quickly becomes out of date" The solution adheres to the ISA/IEC 62443 series of standards, developed by the ISA99 committee and adopted by the International Electrotechnical Commission (IEC), which provides framework to address and mitigate current and future security vulnerabilities in industrial automation and control systems (IACSs). In addition, the CIARA reports assist the operators to meet regulations including the EU NIS Directive and elements of NERC CIP Cybersecurity Requirements with additional support for the NIST Cyber Security Framework under development. Cyber security risks “Risk assessment is currently a complex and time consuming process that for the most part revolves around spreadsheets and subject matter expertise which is cumbersome and prone to human error,” said Rani Kehat, Radiflow BVP Business Development. “Worse still, the threat landscape is changing continuously which means a yearly or bi-yearly risk assessment quickly becomes out of date - leading to a false sense of security." "With CIARA, industrial organisations can now perform continuous assessment of their cyber security risks and base cyber security expenditure planning in direct correlation to the potential loss, backed up with quantitative data.” Digital network models Yehonatan Kfir, CTO at Radiflow, also highlight the complexity that CIARA helps to overcome, “CIARA automates the process of examining hundreds of the most commonly used security controls, against simulation of hundreds of cyber threat types while modelling against dozens of features for the digital network models including protocols, vulnerability, firmware versions, topology, device type and many others." CIARA speeds up the risk management process by utilising the structure of ISA/IEC 62443" "These risk assessments are then factored against common OT risk scenarios including loss of availability, loss of control, damage to property and other. The result is a matrix of potentially tens of thousands of permutations that can’t be analysed by humans while CIARA is able to evaluate it and provide comprehensive reports in a few minutes.” Threat intelligence feed CIARA is continually updated with assets data from the field and a threat intelligence feed that is based on multiple sources including the MITRE ATT&CK knowledgebase of adversary capabilities, tactics and techniques. Ilan Barda, CEO for Radiflow, commented: “For many of our customers that are the new to the area of ICS/SCADA Cyber Security, CIARA dramatically speeds up the risk management process by utilising the methodology and structure of ISA/IEC 62443 – a standard that is likely to become a mandated requirement in the future." Risk assessment processes "There is also significant budgetary pressure in the post COVID-19 business environment, and planning capabilities to help better assign scarce resources are another driving force for the adoption of better risk assessment processes,” Barda adds. CIARA has been BETA tested successfully by several existing Radiflow customers and partners including a top 5 global consultancy firm and is now available for new customers with an easy demo offering.

Radiflow, a provider of cybersecurity solutions for industrial automation networks, announces that the company has launched iRISK, a new business-driven industrial risk analytics service for OT networks. iRISK is designed to provide comprehensive vulnerability assessment reporting for OT networks, including risk prioritisations and mitigation recommendations. The iRISK service generates a risk-oriented visibility report for an OT network that includes the details of network properties, risk levels for devices and links, potential attack paths for detected vulnerabilities and more. Multiple attack simulations iRISK applies a unique approach to weigh the exploitability of the assets iRISK uses a unique algorithm to calculate the likelihood of each attack on the analysed OT network taking into account the network context of each device rather than its standalone posture. iRISK also provides applicable mitigation recommendations according to NIST guidelines, specifying which corrective actions can improve the OT network’s security posture. iRISK applies a unique approach to weigh the exploitability of the assets and links in the OT network’s digital image against historical attack data combined with impact analysis based for each business process. iRISK uses this weighted data to run multiple attack simulations in order to provide a unique modelling of the likelihood of attacks and effectiveness of the proposed mitigations. Risk assessment capabilities While enabling our MSSP partners to differentiate their OT cybersecurity offerings with new and advanced services" “iRISK adds an important new risk planning and mitigation prioritisation layer to OT cybersecurity between mapping and visibility to threat detection,” explained Rani Kehat, Vice President of Business Development at Radiflow. “Our risk assessment capabilities enable our industrial enterprise and critical infrastructure operator customers to assess their risk levels and plan their mitigation roadmaps in the most effective way, while enabling our MSSP partners to differentiate their OT cybersecurity offerings with new and advanced services.” Critical manufacturing operations As a cloud-based service, the analytic processes of iRISK can be run continually or on an ad-hoc basis directly by the end user organisation or as part of an OT cybersecurity service provided by an MSSP. Radiflow will be participating at ManuSec Europe this week in Munich, Germany and will be demonstrating iRISK at the event. Also at ManuSec Europe, Idan Patelsky, Radiflow’s Product Manager will be presenting on the topic of Reducing Potential Business Interruptions in Critical Manufacturing Operations.

Radiflow, a provider of cybersecurity solutions for industrial automation networks, and Asset Guardian, a dedicated provider of edge protection for process control and industrial software, jointly announced that the two companies have launched a joint solution to expand industrial asset monitoring, change management and risk assessment capabilities for industrial enterprises. Threat detection system Asset Guardian’s change management solution manages software and hardware configurations of industrial automation and controls systems. The Asset Guardian technology manages PLC, DCS and HMI/SCADA software assets and provides a single point of reference for current asset information, including operational status, location and controller logic versions. iSID can detect in real-time and counteract abnormal network activity, such as abnormal network access Radiflow’s iSID industrial threat detection system provides real-time visibility of networked industrial assets, ports and protocols on an OT network. By passively analysing all data traffic, iSID can detect in real-time and counteract abnormal network activity, such as abnormal network access or asset changes and changes in the sequence of SCADA processes. Detailed asset information In this new integrated solution, iSID’s asset inventory now incorporates the asset information stored in the Asset Guardian database, including the detailed asset information that is not available from traffic monitoring. With this new detailed asset information from Asset Guardian, such as logic version, ownership, geo-location and more, the result is a far more granular risk score calculated by iSID for each asset. Changes to assets, such as new firmware or PLC logic, are detected on the network in real-time by iSID and sent to Asset Guardian for verification, authorisation and validation against the ‘golden image’ of the binary stored in the Asset Guardian database. OT asset monitoring and risk assessment Our integration and joint offering with Asset Guardian will provide a higher level of OT asset monitoring" “Our integrated and comprehensive joint platform solution capability will provide greater insight, clarity and security to our global customer base to help protect the integrity of their OT ICS assets against ever increasing cyber threats to safeguard operational resilience, govern compliance, standards, security and deliver effective management of change and disaster recovery,” explained Ewan McAllister, CEO of Asset Guardian Solutions. “Our integration and joint offering with Asset Guardian will provide a higher level of OT asset monitoring and risk assessment,” said Rani Kehat, Vice President of Business Development at Radiflow. “These are key enhancements that will enrich our industrial enterprise customers with greater operational management value.” Joint solution with Asset Guardian Radiflow will be demonstrating its joint solution with Asset Guardian this week at the Industrial Control Systems Cyber Security Conference in Atlanta, United States. Radiflow is currently scheduling demonstration of its joint solution with Asset Guardian.

Radiflow, a provider of industrial cybersecurity solutions for industrial automation networks, announced the availability of its iSID Industrial Cybersecurity App on Cortex by Palo Alto Networks – the industry’s only open and integrated AI-based continuous security platform. Building on Cortex allows partners to use normalised and stitched together data from customers’ entire enterprises to build cloud-based apps that constantly deliver innovative cybersecurity capabilities to joint customers.   The Radiflow iSID industrial cybersecurity app on Cortex provides critical infrastructure and industrial cybersecurity through non-intrusive monitoring of distributed production networks. The app utilises data from Cortex Data Lake for added context to create a unique risk score for each device based on proprietary attacker models and defined defence strategies. Security analysts and risk managers can prioritise their actions based on the specific context of the OT network and the potential impact on the business if an attack occurred. AI innovations for accurate security outcomes Cortex is enabled by the Cortex Data Lake, where customers can securely and privately store and analyse large amounts of data“We are excited to continue our work with Palo Alto Networks and supply OT specific analytics on data collected by Palo Alto Networks,” said Rani Kehat, Vice President for Business Development at Radiflow. “This app enables customers to leverage their Palo Alto Networks investment and subscribe to value-added OT specific risk scoring and threat detection services provided by Radiflow.” “Cortex partners can leverage the vast amount of rich data available from across the enterprise to create AI-based innovations that provide more automated and accurate security outcomes to our joint customers,” said Karan Gupta, SVP of Engineering for Cortex at Palo Alto Networks. “We’re proud to welcome Radiflow to our expanding ecosystem of developers building innovative apps.” Cortex is designed to radically simplify and significantly improve security outcomes. Deployed on a global, scalable public cloud platform, Cortex allows security teams to speed the analysis of massive data sets. Cortex is enabled by the Cortex Data Lake, where customers can securely and privately store and analyse large amounts of data, normalised for advanced artificial intelligence and machine learning to find threats and orchestrate responses quickly.