Today, Armis has announced the Critical Infrastructure Protection Program (CIPP) to help organisations supplying systemically important entities such as energy, water, marine ports, and wastewater to pinpoint and fortify assets in need of urgent security improvements. Under this new program, critical infrastructure providers in the U.S. and NATO-aligned countries will have complimentary access to Armis for three months. As technologies converge, it is important now more than ever that public and private organisations collaborate to address the visibility gap and reduce this growing threat.
Geopolitical instability associated with the Russian invasion of Ukraine, along with ongoing U.S. and North Atlantic Treaty Organisation (NATO) aid to Ukraine’s defence efforts, increases the possibility of retaliatory cyberattacks against critical infrastructure in the U.S. and NATO-aligned countries. The program is complementary to Cybersecurity & Infrastructure Security Agency, or CISA, guidance which has been provided through the SHIELDS UP initiative to help organisations like those noted above prepare for, respond to, and mitigate the impact of cyberattacks. The potential attack surface of critical infrastructure across the U.S. alone includes:
- 55,000 substations on our electric grid
- 360 commercial maritime ports
- 6 million miles of pipeline
- 14,000 wastewater treatment plants serving 240 million Americans
“The ongoing modernisation of critical infrastructure brings efficiencies and scalability to the lifeline services we rely on, such as electric power grids, commercial maritime ports, oil and gas pipelines, transportation services, and water treatment facilities. As these cyber-physical systems expand throughout our critical infrastructure, the attack surface and inherent risk are growing at an alarming rate,” said Yevgeny Dibrov, CEO and Co-founder of Armis. “By joining the power of the Armis asset visibility and intelligence platform with leading security providers like Kroll, we are bringing the Critical Infrastructure Protection Program forward to collaborate and defend against future cyberattacks.”
Announced in February as a response to Russia’s invasion of Ukraine, CISA’s SHIELDS UP program highlighted the risk of increased malicious cyber activity to the U.S. homeland. Armis also provides the following guidance:
- Uncover critical unknowns – See the full inventory of connected wired and wireless assets
- Understand risks – Prioritise vulnerability management with full device risk analysis, including vulnerability and behavioural analysis
- Device connection study report – Discover and study potential attack vectors with device connectivity and interdependency mapping
- Segmentation and boundary analysis – Rely on an actionable analysis to fortify boundaries and eliminate unauthorised connections
- Software and hardware gap analysis – Understand hidden software and hardware gaps and risks
- Alerts – Contain threats and exploits in near real time through integration with SIEM, SOAR, and/or XDR
- Advanced reporting and analysis – Generate reports to satisfy compliance, regulatory, and auditing requirements
In conjunction with the introduction of the Critical Infrastructure Protection Program, Armis is partnering with Kroll, the leading provider of data, technology and insights related to risk, governance and growth. Kroll’s frontline threat intelligence, generated from responding to more than 3,200 incidents every year, will be merged with Armis’ OT and ICS telemetry to enable clients to build cyber resilience and confidently respond in the event of an incident. Organisations will be able to sign up for the program starting today, through June 17, 2022.
“The cyber defence of critical infrastructure is of paramount importance. This requires comprehensive threat intelligence, technical visibility and continual detection and response to secure complex OT and ICS environments,” said Jason Smolanoff, President of Cyber Risk at Kroll. “We must test controls, simulate attack scenarios, and conduct regular tabletop exercises to generate confidence that the security measures we take are effective. In collaborating with Armis we are bringing together their deep visibility with our extensive field experience, enabling clients to protect their most critical assets.”
Services and Benefits of the Critical Infrastructure Protection Program
Three months of complimentary access includes:
- Armis unified asset visibility intelligence and security platform, including the Armis IT and OT Policy Library
- Network Traffic Analysis for IT & OT networks
- Vulnerability, threat detection, and threat intelligence engines
- Armis Security Architect and Deployment Manager
- Pre-built integrations for existing security platforms, such as scanners, firewalls, NACs, WLC, endpoint protection, and XDR solutions
Organisations participating in the program will receive:
- Complete visibility into all connected Operational Technology (OT) and Information Technology (IT) assets
- Rapid identification and easier management of security risks
- Confident risk management of all connected OT and IT assets
- Access to a customisable Cyber Risk Retainer from Kroll that includes preparedness, assessment, and response solution
