“Many plants are not only riddled with vulnerabilities, but operators lack visibility of what those vulnerabilities are”
Japanese cybersecurity multinational Trend Micro has agreed to form a joint venture business with California-based industrial communications and networking firm Moxa, in the latest rush to capitalise on a growing convergence of information technology (IT) and operational technology (OT) security.
The agreement will create a new enterprise called called TXOne Networks. Trend Micro will be the majority shareholder, with both parties contributing capital and staff. TXOne Networks will build security gateways, endpoint agents and network segmentation to secure OT and equipment, the two said.
Read this: Bug Hunters Double SCADA Vulnerability Finds
The agreement comes days after Siemens and Aruba teamed up in an IT/OT offering that will co-market Siemens’ industrial Ethernet tools with Aruba’s LAN infrastructure. Earlier this week, meanwhile, cybersecurity specialist Forescout agreed to buy Dutch OT security specialist SecurityMatters.
The market opportunity is clear: As Forescout’s Ryan Brichant earlier told Computer Business Review: “Some operators don’t even have 20-30 percent knowledge of what’s in their plant. To make their job easier they have often given the keys to the castle to third-party contractors and vendors to install network routers and devices.”
“Many plants as a result are not only riddled with vulnerabilities, but operators lack visibility of what those vulnerabilities are. You can’t protect what you can’t see and companies will increasingly pay ransomware when they get sent a screenshot of a human-machine interface with a threatening message…
TXOne Networks: Formation Driven by IT/OT Convergence
Trend Micro’s decision to form the JV has been driven by such trends, the company said: “Many industrial organisations are not designed to incorporate connectivity within their networks and continue to use legacy software, meaning critical devices lack the ability to be easily updated or patched for security measures.”
This is happening as around the world, critical infrastructure is more connected to the internet than ever, as Industrial Internet of Things (IIoT) tools help to deliver predictive maintenance, while extended reality is being used to guide engineers remotely through repairs and upgrades.
The rise of IIoT has broken the rules of traditional, mainly physically and functionally separated network system architectures and a growing number of endpoint devices now connect directly to Internet, either individually or as part of an IIoT system; each new IP address punching a hole in the wall that traditionally formed a boundary between IT and OT.
As Trend Micro notes: “These complicated environments are made up of multiple layers requiring protection that sits in and between IT and OT. The responsibility for the security of these combined layers is traditionally unclear.”
XOne Networks solutions will help OT customers optimise network infrastructure for more IIoT opportunities, the two said.
They will benefit from “Moxa’s expertise in building reliable networks to bring more legacy and disparate networks into one industry-grade Ethernet backbone and raising the security level of the entire network’s communication to help customers drive nonstop productivity and cost reduction.”
Professional services will also be provided including security risk assessment, security breach response, and access to threat intelligence from Trend Micro Research and its Zero Day Initiative (ZDI).
“In a world where attacks are getting more persistent and sophisticated, while organisations are struggling with skills shortage and alert fatigue, these two groups are joining forces to successfully secure enterprises around the globe,” said Dr Terence Liu, Trend Micro Vice President and former CEO of Broadweb.. “I am excited at the opportunities and challenges this team will tackle in the months and years to come.”