Fortress Labs

Excited to share that the Fortress Labs platform is officially Ignition-Ready certified (Inductive Automation). We've already begun working with a few of the largest Ignition end users in the world... Why? How does our platform benefit Ignition users? Ignition is a powerful, flexible, and scalable application for industrial environments, but it does not natively handle orchestration or infrastructure management. For industrial enterprises with a large (or growing) Ignition install base, our orchestration platform simplifies infrastructure management and eliminates the need for manual IT intervention, providing built-in workflows for patching, system upgrades, roll-back, failover, and cyber resilience—all without service interruption. Not only does the Fortress Labs platform make it easy to scale and manage your Ignition deployment, but it can also wrap around legacy, stand-alone applications, creating a unified orchestration "backbone" for Ignition and beyond. If you would like more information or would like to see a demo of our platform supporting Ignition, please DM me. PS: Special thanks to Travis Cox for his support not just of our efforts, but of the entire Ignition ecosystem.

Nice whitepaper from Harry Forbes at ARC Advisory Group on orchestration in the industrial world. (Link at bottom of post) I have many thoughts, but there's one major elephant in the room that the paper doesn't spend much time addressing: The vast majority of industrial control systems are not containerizable and thus do not support the orchestration tools (Kubernetes, Ansible, etc.) mentioned in the whitepaper. It's possible that a decade from now, the leading process automation applications will have been refactored to support full containerization—and there are some leaders in the industrial software space (like Inductive Automation) that are already there. But as things stand now, there is an unbridgeable chasm between industrial control and automation systems and common IT orchestration tools.* Consequently, even if we assumed that on-site industrial operators had the requisite training to manage orchestration tools (they don't), the upsides of system orchestration described in the whitepaper remain mostly inaccessible to them... ...or well, they did, until Fortress Labs. We've developed a unified, dynamic system orchestration platform that delivers the benefits of container orchestration discussed in the whitepaper—simplified infrastructure management, real-time patching and software upgrades, application-level rollback/failover, reduced infrastructure costs, enhanced cyber resilience—to industrial applications in the here and now, without requiring containerizability at all. All of the core components of container-based orchestration we have built out within a VM-based architecture, with an eye toward industrial-specific workflows and requirements. We recently began deploying this orchestration tool in industrial environments across manufacturing, energy, and critical infrastructure sectors, and we've also started working with some of the leading industrial OEMs to ensure that we can support their control systems—without requiring any modification at the application level. If you are an end-user, integrator, or OEM and want to learn more about our platform, please DM me. https://lnkd.in/eR8646wJ *Note to clarify: I emphasize "control and automation" systems because there are other applications in the industrial environment, especially "higher up" in the stack, that are containerizable. But many of these are just IT applications living in the OT environment.

Modern systems should be?Scalable, Resilient, and Secure. But the urgency of protecting against zero-day exploits means we rely heavily on vendors to ensure quality. The CrowdStrike incident showed just how fragile our technology ecosystem can be when Vulnerability Management and Change Management procedures are not up to par. Don’t leave your systems vulnerable!?Join Benjamin Simon at #BlackHat to discover how you can achieve the benefits of a modern system architecture in OT/ICS, even with your legacy applications.

A short breakdown by Leor Fishman of the different lessons that OT/ICS operators and cyber professionals should consider in the wake of the CrowdStrike disaster.

Thinking more about the implications of the CrowdStrike incident for OT/ICS environments... 1. CLOUD AND INTERNET CONNECTIVITY This debacle likely strengthens considerably the arguments of the anti-cloud/anti-connectivity crowd in OT. For better or for worse, organizational roadmaps for IT/OT convergence, cloud adoption, etc just got lengthened. 2. RESILIENCE AND RECOVERY If anything underscores the need for robust, well-tested, (near-)instantaneous recovery processes, it was this event. OT asset owners and cyber managers should be thinking hard about which recovery technologies actually provide true, quick recoverability in scenarios that mirror the CrowdStrike failure. It might not be (and in fact most likely won't be) a nation-state level cyber attack that takes your network down. In all likelihood, it will be a human error, bad patch, or something of the like that wreaks havoc. 3. PATCHING AND CHANGE MANAGEMENT OT/ICS professionals do not apply real-time patches to live industrial environments out of concern for scenarios like the one the world saw today. While I'm certain we will see an uptick in knee-jerk anti-patching mentalities, I don't think that's the right takeaway. Instead, we should be thinking more about how to make "cyber hygiene" safe and reliable. Introducing secondary systems with isolated redundancy will enable operators to test patches more thoroughly and in hyper-realistic environments before applying them. Isolated, uncoupled secondary systems also enable operators to use their secondary environments during the patching process to maintain full reliability even if the patch is faulty. At Fortress Labs, we are thinking hard about how to make sure industrial environments are resilient and robust enough so that what happened today in the IT world doesn't happen as industrial control systems continue to evolve and modernize. Please reach out if you have any thoughts—we'd love to chat.

Is your OT cybersecurity strategy complete? Benjamin Simon shares how the Fortress platform is essential for cyber resilience. Until now, your recovery strategy may have relied on high availability (HA) or backups. However, with the increased cyber risk, you need a solution that is isolated and instantly ready to go! See how Fortress is revolutionizing cyber resilience and follow us on LinkedIn to stay connected. www.fortresslabs.com #otcybersecurity #availability #bcdr #iec62443 #nerccip

Our third post in our four-part series on OT cyber resilience is up! This one explores whether High Availability truly provides cyber resilience for industrial environments. Benjamin Simon Leor Fishman #OTCyberResilience #BCDR #ICSResilience #ICS

In case you missed it, we released the first two posts in our four-part series on OT cyber resilience. Post One (OT Cyber Resilience and the “Right Side of the Bowtie”) can be found here: https://lnkd.in/geM8TFfZ Post Two (The Inadequacy of Backup and Recovery for OT Cyber Resilience) can be found here: https://lnkd.in/giavPdpG Stay tuned later this week for the penultimate post in the series, which will explore the viability of High Availability (HA) systems from an OT cyber resilience perspective. Benjamin Simon Leor Fishman Michael Miller #OTCyberResilience #ICS #BCDR

In case you missed it, we released the first two posts in our four-part series on OT cyber resilience. Post One (OT Cyber Resilience and the “Right Side of the Bowtie”) can be found here: https://lnkd.in/geM8TFfZ Post Two (The Inadequacy of Backup and Recovery for OT Cyber Resilience) can be found here: https://lnkd.in/giavPdpG Stay tuned later this week for the penultimate post in the series, which will explore the viability of High Availability (HA) systems from an OT cyber resilience perspective. Benjamin Simon Leor Fishman Michael Miller #OTCyberResilience #ICS #BCDR

We are excited to release the second blog post in our four-part series on OT cyber resilience, written by Fortress Labs founders Benjamin Simon and Leor Fishman. In this post, the authors argue that traditional Backup and Recovery methods fail to provide adequate cyber resilience for critical industrial systems. Stay tuned for the next posts to follow, where the authors evaluate potential alternatives to Backup and Recovery! Benjamin Simon Leor Fishman Michael Miller #OTCyberResilience #ICS #OT #BCDR