Kaspersky has updated the products within its solution for industrial organizations. Kaspersky Security Center now provides a centralized management dashboard for security orchestration of the entire OT (operational technology) infrastructure, with a map of all geographically distributed assets enriched with events, incident analytics and more. Deep integration of Kaspersky Industrial CyberSecurity for Nodes and Kaspersky Industrial CyberSecurity for Networks combines data about events on endpoints and across the network in real-time. Security enhancements include a network attack blocker against brute force and exploits, and extended sources of data for vulnerability and patch management.
A lack of visibility and manageability of complex IT and OT environments appear to be the most challenging issues for two-thirds of industrial companies, as revealed by a Kaspersky survey. Having access to a unified platform for the management of security policies, deployment of protection and all security events should help these organizations make their infrastructure more secure and transparent.
Kaspersky Security Center has expanded its capabilities to include a dedicated dashboard for the centralized management of OT infrastructures. In addition to the previous features which facilitate the administration of product deployment, updates, licenses, and policies, the console now provides complete visibility of all protected assets, security events, and incident analytics. Customers can search for all infrastructure elements – such as servers or controllers – and their characteristics and see them on a geographic map where all assets across different subsidiaries can be set up. The map works in real-time and highlights any assets which might be affected by an incident. An administrator can then immediately investigate the problem by clicking on it and going to the dedicated web console of the server.
To improve customer experience, situational awareness, and deployment flexibility, Kaspersky Industrial CyberSecurity for Networks can now retrieve important data from industrial endpoints protected with Kaspersky Industrial CyberSecurity for Nodes. Security administrators can investigate accidents with a broad context: EPP-enriched incident details, precise asset parameters detection, and network communication maps from segments where traffic mirroring is not yet available.
Moreover, with the addition of a network attack blocker, Kaspersky Industrial CyberSecurity for Nodes protects from port scanning, denial of service, brute force attacks, and threats exploiting vulnerabilities or misconfigured applications, services, and operating systems. To help customers further decrease the chance of vulnerability exploitation with timely patching or mitigation, Kaspersky Industrial CyberSecurity for Networks now expands its vulnerability database provided by Kaspersky ICS-CERT with new sources: National Vulnerability Database (NVD), and US-CERT. Administrators can filter vulnerabilities by source and switch off detection from any of the databases.
“By offering seamless integration of cybersecurity technologies applicable for various automation systems, we are pursuing the ultimate goal to build a reliable ecosystem of solutions that would satisfy the requirements of cybersecurity teams responsible for any number of industrial sites. Our strategy is to serve our industrial enterprise customers at every point of their cybersecurity technical measures implementation plan, in order to create a scalable and certified security system with undoubtful efficacy,” says Kirill Naboyshchikov, Business Development Manager at Kaspersky.
“These updates form Kaspersky’s first step towards creating an industrial security platform. The key element is a single security dashboard that responds to a variety of needs: from incident monitoring to response, investigation, hunting, orchestration, and automation capabilities, to cover the whole geographically distributed environment. This approach will help customers take their OT security to a new level from any starting position,” adds Naboyshchikov.
The Kaspersky Industrial CyberSecurity management console in Kaspersky Security Center will be available for customer implementation from December 2021.
