Dubai, United Arab Emirates – Dragos Inc., the global leader in cybersecurity for industrial controls systems (ICS)/operational technology (OT) environments, today announced the launch of its new Dragos OT-CERT (Operational Technology - Cyber Emergency Readiness Team), a cybersecurity resource designed for industrial asset owners and operators to help them build their OT cybersecurity programs, improve their security postures, and reduce OT risk.
Delivered via the OT-CERT portal, member organizations will have free access to OT cybersecurity best practices, cybersecurity maturity assessments, training, workshops, tabletop exercises, webinars, and more. In addition, OT-CERT will coordinate with OEMs regarding disclosures for vulnerabilities discovered by Dragos threat intelligence researchers, as well as cyber threats detected by Dragos targeted at the OEMs’ products. OEM partnerships are critical to coordinated vulnerability disclosures and effective threat response to protect and support industrial infrastructure in the escalating cyber threat environment.
Dragos OT-CERT addresses a serious gap in securing industrial infrastructure: the lack of OT-specific resources readily available to the industrial infrastructure community. The gap is especially critical among small and medium sized businesses that often have limited expertise and resources to address ICS/OT cybersecurity risks. According to Gartner, “Organizations continue to face acute and growing shortages of OT security skills to foster and support IT/OT integration, and securely support digital transformation efforts.1”
“Dragos’s stated mission is to safeguard civilization, and that means protecting all industrial infrastructure, not just the most skilled or the best resourced organizations,” said Dawn Cappelli, Dragos’s newly appointed OT-CERT Director. “Our goal for Dragos OT-CERT is to be a useful, relevant, and actionable community resource for industrial asset owners and operators by aligning them with the resources, training, partnerships, and community needed to make securing their OT environments possible.”
Organizations of all sizes are eligible for OT-CERT membership. Larger organizations will benefit from free resources such as OT best-practices blogs and OT vulnerability disclosures from Dragos’s industry-leading Threat Intelligence team. Dragos OT-CERT will also aid large companies by helping to improve the security posture of smaller organizations in their supply chain that can pose a risk to their business operations.
Partnerships are critical to the success of OT-CERT, empowering ICS/OT practitioners to leverage their combined experience, collectively raise awareness of ICS cybersecurity issues, and contribute to the ICS community for long-term industry impact.
In launching this new resource, Dragos partnered with the National Association of Manufacturers, which represents 14,000 manufacturing companies in every industrial sector and supports them through a focus on both cyber threat identification and proactive security practices that are critical to making the entire supply chain more secure.
“The National Association of Manufacturers is deeply committed to supporting its members as they navigate the challenges and opportunities that arise from digital transformation and Manufacturing 4.0, and it’s critical that their OT security remain paramount as they undertake this evolution,” said Todd Boppell, Chief Operating Officer, National Association of Manufacturers (NAM). “Of the National Association of Manufacturers’ 14,000 member companies, 90 percent are small and medium-sized manufacturers that often lack the kind of resources and OT cybersecurity teams that larger organizations have. Dragos OT-CERT is the first community-focused resource of its kind to provide practical solutions to this often under-served community.”
“Industrial Infrastructure organizations, and the services they provide, impact all of our lives, and the operational technologies that underpin these organizations are under attack now more than ever before,” said Michael Lester, Director of Cybersecurity Strategy, Governance and Architecture for Emerson’s Automation Solutions business. “We're eager to work with Dragos OT-CERT in its mission to protect OT infrastructure by partnering on threat and vulnerability discovery and mitigation as well as assets for resource-constrained organizations.”
“As the cyber threat environment escalates and cyberattacks increasingly impact industrial infrastructure, we’re excited to team with Dragos OT-CERT to bring greater awareness to the risks to the ICS/OT community and the need for OT cybersecurity,” said Tony Baker, Chief Product Security Officer at Rockwell Automation. “This free resource comes at just the right time, and the OEM collaboration will help enable effective threat response and coordinated vulnerability research.”
Initial Dragos OT-CERT partners include the National Association of Manufacturers, Emerson, Rockwell Automation, and four Information Sharing and Analysis Centers: E-ISAC (electricity), ONG-ISAC (oil and natural gas), DNG-ISAC (downstream natural gas), and WaterISAC.
To learn more about Dragos OT-CERT or to apply to become a member of Dragos OT-CERT, visit here. To read the OT-CERT blog post, visit here.
-Ends-
About Dragos, Inc.
Dragos has a global mission: to safeguard civilization from those trying to disrupt the industrial infrastructure we depend on every day. The practitioners who founded Dragos were drawn to this mission through decades of government and private sector experience.
Dragos codifies the knowledge of our cybersecurity experts into an integrated software platform that provides customers critical visibility into ICS and OT networks so that threats are identified and can be addressed before they become significant events. Our solutions protect organizations across a range of industries, including power and water utilities, energy, and manufacturing, and are optimized for emerging applications like the Industrial Internet of Things (IIOT).
Dragos is privately held and headquartered in the Washington, DC area with regional presence around the world, including Canada, Australia, New Zealand, Europe, and the Middle East.
1 Gartner®, “Market Guide for Operational Technology Security,” Katell Thielemann, Wam Voster, Barika Pace, Ruggero Contu, January 13, 2021.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
Media Contact
Nausheen Shamsher
nausheen@procre8.biz