Tenable/Siemens form partnership to secure infrastructure

Solo lightbulb

Tenable, the cyber exposure company, and Siemens, a global engineering and technology leader, announced a strategic partnership to help energy, utilities and oil and gas companies close the industry readiness gap with a new solution for industrial asset discovery and vulnerability management.

At a time when the risk of cyberattacks against critical infrastructure has grown exponentially, the global leaders in cybersecurity and OT have teamed up to launch ‘Industrial Security’ from Tenable, which Siemens is delivering as a service to help companies secure and protect their critical OT assets.

The partnership can help organisations address this challenge of not knowing where they are at greatest risk. By leveraging the capabilities of both companies, customers will gain a better understanding of where their OT assets may be vulnerable. The combination of Tenable’s technology, the first OT-dedicated passive vulnerability detection solution that gives customers continuous visibility into their greatest risks, combined with Siemens’ domain expertise and operational knowhow, is a powerful solution that can help customers close this knowledge gap so they can protect their critical assets.

“Organisations running operational technology face a foundational security challenge – the need to understand the entirety of their cyber exposure in the context of a modern attack surface that is constantly evolving,” said Amit Yoran, CEO of Tenable. “We’ve seen the rise of cloud, mobile and IoT and now the convergence of IT with OT, which have made critical systems vulnerable to increasingly aggressive adversaries and attacks. Tenable is the only company that can help organisations close the Cyber Exposure gap from traditional IT to cloud, from IoT to OT assets. Joining forces with Siemens is a natural next step and together we provide a way for organisations to monitor and address their attack surface in totality, so they can see where they are vulnerable and protect those systems – and the people who depend on them – from threats.”

The stakes have never been higher when it comes to cybersecurity for critical infrastructure. The number of cyberattacks worldwide continues to grow, with OT becoming a growing target, now comprising 30 percent of all cyberattacks, with a major impact on productivity, uptime, efficiency and safety, according to recent research conducted by Ponemon Institute on the state of cybersecurity in the U.S. oil and gas industry. The deployment of cybersecurity measures isn’t keeping pace with the growth of digitalisation in oil and gas operations and the inability to accurately understand and represent cyber risk at any given time creates a massive cyber exposure gap.

“Cyberattacks against the O&G and utilities sector are on the rise and growing more sophisticated and aggressive by the day. Passive monitoring of all assets in these systems is critical to detecting and addressing vulnerabilities before they can be exploited and lead to disruption of essential public services like electricity, gas, and water,” said Leo Simonovich, Vice President and Global Head, Industrial Cyber and Digital Security at Siemens Energy.

“With Siemens’ deep operational technology expertise and Tenable’s leading cybersecurity technology, this global partnership is uniquely poised to strengthen defenses in critical infrastructure and other organisations that rely on industrial systems.”

Siemens delivers and integrates best-of-breed technologies, empowering our customers to prioritise their most critical assets, continuously monitor their operating environment and build resiliency so they can rapidly respond and recover in the event of a breach.  As an end-to-end provider of OT cyber solutions, Siemens provides our customers with the transparency, insights and control to help secure the entire operating environment.

Integral to that solution, Industrial Security from Tenable provides safe, reliable asset discovery and vulnerability detection purpose-built for industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems.  Using passive network monitoring based on Tenable’s Nessus Network Monitor, designed for critical systems which require a non-intrusive approach to vulnerability detection, the OT-native solution helps identify and prioritise OT risks so organisations can keep safety-critical production assets secure and fully functional.

Delivered by Siemens as a security service, Industrial Security helps customers understand the state of their assets at all times, providing them with the information they need to quickly and confidently assess, understand and ultimately reduce their cybersecurity risk. With Tenable, organisations for the first time can implement a single solution to assess Cyber Exposure across the entire modern attack surface, spanning both traditional IT and OT assets.