Armis announced the Critical Infrastructure Protection Program (CIPP) to help organizations supplying systemically important entities such as power, water, seaports and wastewater identify and fortify assets in need of urgent safety improvements.
Under this new program, critical infrastructure providers in the United States and NATO-aligned countries will have free access to Armis for three months. As technologies converge, it is more important than ever that public and private organizations work together to bridge the visibility gap and reduce this growing threat.
The geopolitical instability associated with the Russian invasion of Ukraine, as well as the continued assistance of the United States and the North Atlantic Treaty Organization (NATO) to Ukraine’s defense efforts, is increasing the possibility of retaliatory cyberattacks against critical infrastructure in the United States and NATO-aligned countries.
The program is complementary to the Cybersecurity & Infrastructure Security Agency, or CISA, guidance that has been provided through the SHIELDS UP initiative to help organizations like those mentioned above prepare for, respond to and mitigate the impact of cyberattacks. The potential critical infrastructure attack surface in the United States alone includes:
- 55,000 substations on our electrical network
- 360 commercial seaports
- 2.6 million kilometers of pipeline
- 14,000 treatment plants serving 240 million Americans
“Continued modernization of critical infrastructure brings efficiency and scalability to the vital services we rely on, such as power grids, commercial seaports, oil and gas pipelines, transportation services and water treatment facilities. As these cyber-physical systems grow into our critical infrastructure, the attack surface and inherent risk are growing at an alarming rate,” said Yevgeny Dibrov, CEO and co-founder of Armis. “By combining the power of the Armis asset visibility and intelligence platform with leading security vendors like Kroll, we are advancing the critical infrastructure protection agenda to collaborate and defend against future cyberattacks.”
Announced in February in response to Russia’s invasion of Ukraine, CISA’s SHIELDS UP program highlighted the risk of increased malicious cyber activity on US soil. Armis also provides the following tips:
- Uncover critical unknowns – View the full inventory of wired and wireless connected assets
- Understand the risks – Prioritize vulnerability management with comprehensive device risk analysis, including vulnerability and behavior analysis
- Device Connectivity Research Report – Discover and investigate potential attack vectors with device connectivity and interdependency mapping
- Boundary segmentation and analytics – Leverage actionable analytics to fortify boundaries and eliminate unauthorized connections
- Software and Hardware Gap Analysis – Understand hidden software and hardware gaps and risks
- Alerts – Contain threats and exploits in near real-time through integration with SIEM, SOAR and/or XDR
- Advanced Reporting and Analytics – Generate reports to meet compliance, regulatory and audit requirements
Along with the introduction of the Critical Infrastructure Protection program, Armis is partnering with Kroll, the leading provider of data, technology and insights related to risk, governance and growth. Kroll’s frontline threat intelligence, generated from responding to more than 3,200 incidents each year, will be merged with Armis’ OT and ICS telemetry to enable customers to build cyber resilience and respond with confidence in the event of an incident. Organizations will be able to register for the program from today until June 17, 2022.
“Cyber defense of critical infrastructure is of paramount importance. This requires comprehensive threat intelligence, technical visibility, and continuous detection and response to secure complex OT and ICS environments,” said Jason Smolanoff, president of Cyber Risk at Kroll. “We need to test controls, simulate attack scenarios and regularly conduct tabletop exercises to ensure that the security measures we take are effective. By collaborating with Armis, we combine their deep visibility with our extensive field experience, enabling customers to protect their most critical assets.
Critical Infrastructure Protection Program Services and Benefits
Three months of free access includes:
- Prebuilt integrations for existing security platforms, such as scanners, firewalls, NACs, WLCs, endpoint protection, and XDR solutions
- Unified intelligence and security platform for Armis asset visibility, including Armis IT and OT policy library
- Network traffic analysis for IT and OT networks
- Vulnerability, threat detection and threat intelligence engines
- Armis Security Architect and Deployment Manager
Organizations participating in the program will receive:
- Complete visibility into all connected operational technology (OT) and information technology (IT) assets
- Rapid identification and simplified management of security risks
- Confidently manage risk of all connected OT and IT assets
- Access to Kroll’s customizable cyber risk restraint program that includes preparedness, assessment and response solutions
Gain complete visibility into OT and IT assets
The Armis platform performs continuous, non-invasive monitoring of all wired and wireless OT and IT assets in your environment. The platform:
- Monitors devices communicating in the airspace via peer-to-peer protocols, invisible to traditional security products.
- Protected your business from disruption by leveraging the world’s largest device behavior knowledge base to detect threats with a high degree of accuracy.
- Active allows you to automatically disconnect or quarantine devices operating outside “well-known” baselines.