RewardExpert.com is an independent website that is supported by advertising. RewardExpert.com may be compensated by credit card issuers whose offers appear on the site. Because we are paid by our advertising partners it may impact placement of products on the site, including the order in which they appear. Not all available credit card issuers or card offers are included on the site.

    Protect Critical Infrastructure With Dragos

    icon-user Laura Pourinski icon-comments Comments July 15, 2020
    Dragos online syber security solutions

    A cyber attack can be devastating, resulting in major losses to a company’s finances and reputation. But a cyber attack against critical infrastructure can also be deadly. Think about what could happen if hackers took control of a chemical plant, grabbed a hold of a nuclear power station, shut down the electrical grid or contaminated an area’s water supply. That’s where Maryland-based cybersecurity startup Dragos finds its niche.

    Founded by former employees of the National Security Agency (NSA), Dragos focuses on protecting industrial control systems (ICS), which form the beating heart of infrastructure that millions of people depend on. Matt Cowell, director of product marketing at Dragos, spoke to RewardExpert about how the company can help keep businesses and the public safe.

    What’s at Stake

    Cowell points out that while financial losses due to a breach can be catastrophic, they are nothing compared to what could happen if bad actors were to take control of critical infrastructure. “With emerging threats such as TRISIS which target control system safeguards that are designed to ensure human safety, this is the bigger concern that warrants heightened focus,” he said. In fact, Dragos discovered the TRISIS malware last year, which was used to target a company in the Middle East.

    What Dragos Does

    How Dragos Platform Works
    Image via dragos.com

    Dragos started when the founders realized that many companies were not actively protecting their industrial control systems—systems that were left exposed as the TRISIS case demonstrates. “At the core, industrial systems have inherent design vulnerabilities that can be leveraged for malicious intent should an adversary gain access through physical access or enterprise network connections,” said Cowell. The Dragos products, including the Dragos Platform and the Dragos Worldview, help to shore up those vulnerabilities, cut out the hype and detect real threats.

    How it Works

    The Dragos Platform can detect threats and also offer the tools to stop an attack. The company uses threat behavior analytics as its primary threat detection method. “Threat Behavior Analytics are derived from an understanding of known adversary behaviors (threat intelligence) and provide our customers with greater context and confidence in alerts,” said Cowell. “Threat Behavior Analytics help the analyst discern the threat amongst the noise more quickly so they can focus their response where it’s needed most.”

    The company has a wide breadth of monitoring options and analyzes network traffic, host logs and more to get a realistic picture of everything going on in an ICS.

    Springing into Action

    If a threat is detected, the Dragos technology springs into action, providing a frontline defense against malicious actors. The company provides playbooks to help less experienced professionals stop the threat dead in its tracks. “The playbooks we provide assist the analyst with appropriate steps so that can be more structured in their response,” said Cowell.

    Cost Effective

    Besides mitigating the damage from a cyber attack, Dragos can help save companies time and money in other ways, too. By outsourcing with Dragos, companies can streamline the threat detection process. The technology is also easy to use. It’s built on open standards and integrates seamlessly into most existing infrastructures.

    Collecting Intelligence on the Bad Guys

    Dragos Cyber Protection Solutions
    Image via dragos.com

    The Dragos policy is to keep coy about the actors behind the attacks, unless they are discussed publicly other places first. This is to minimize any blowback to the industrial community. The company’s policy is not to attribute attacks to nation states, but it does identify seven activity groups who are targeting industrial control systems. Those groups are Allanite, Chrysene, Xenotime, Covellite, Dymalloy, Electrum and Magnallium.

    Who’s Using Dragos

    Right now, Dragos has customers from across the industrial spectrum, as most industries are facing vulnerabilities one way or another. “Our focus is on the Energy sector, Oil and Gas and Advanced Manufacturing,” said Cowell. To find out if Dragos is right for your business, check out dragos.com.

    Editorial Disclosure: Opinions expressed here are author's alone, not those of any bank, credit card issuer, hotel, airline, or other entity. This content has not been reviewed, approved or otherwise endorsed by any of the entities included within the post.

    UGC Disclosure: The responses below are not provided or commissioned by the bank advertiser. Responses have not been reviewed, approved, or otherwise endorsed by the bank advertiser. It is not the bank advertiser's responsibility to ensure all posts and/or questions are answered.