Solution
CNI Security Monitoring
Security Threat Detection & Response solutions for CNI systems and devices, developed in-house in the UK and trusted worldwide.
Overview
Cyber security monitoring and threat detection for the OT, IoT and ICS systems and devices used in CNI environments addresses what is considered the major cyber risk for most governments today.
Many governments have made the cyber protection of CNI infrastructure their top cyber security priority, due to the growing risk of nation-state attacks on critical transport, energy, water and other services. Most existing monitoring and SIEM solutions cannot operate in CNI environments because of the difficulty of accessing data. CNI security data is often held in remote, out-of-the-way locations, and accessing it is beyond the capabilities of most SIEM tools.
Assuria is one of the only SIEM and DPM vendors whose software was designed from the outset to operate just as effectively in CNI/OT environments as in normal IT environments. Our solutions are able to access and manage security data from almost any device, in almost any location and in almost any form.
The original design brief for ALM-SIEM was to take complete, forensic control of security data from the point of creation (server, endpoint, App, database, network switch, security enforcing device etc.)
However, this can be much more challenging for OT and IoT devices within CNI: the security data might not be in a convenient location, and might not even be logged in a central store. Crude security data forwarding (e.g. Syslog) to mostly cloud-based monitoring services is not a viable security solution at all in the CNI environment.
CNI therefore requires unusual methods of data collection, and Assuria has 20 years of experience in developing security data harvesting tools. A really good example is our Software Network Traffic Monitoring (SNTM) technology. SNTM can pull security data from network traffic, even encrypted traffic (subject to the availability of cryptographic materials), without disruption to the traffic.
Another key component of CNI security monitoring is data classification, or normalisation. Assuria’s ALM-SIEM and DataSense solutions include a data normalisation framework powered by an extensible Soft Taxonomy and built-in Rendering components.
