Critical Infrastructure Protection Program

The cyberattack threats to critical infrastructure providers and organisations in NATO countries have significantly increased after the invasion of Ukraine. Russian government groups and state-backed cybercriminals have been actively targeting cyber assets in Ukraine as part of the attack. The military and other assistance that NATO countries have provided for the defence of Ukraine have made Russian aggressors target critical assets in those countries. While these attackshave been happening for years, they have increased substantially since the invasion.??

?

In the last six months, Armis, the leading unified asset intelligence platform, has seen a 73% increase in RDP-based attacks targeting the infrastructure in sectors like energy production, pipelines, drinking water transport, wastewater systems, and healthcare providers.?

?

?

Protecting Critical Infrastructure?

?

Protecting the critical infrastructure that underpins much of the modern world is essential. The best time to implement protections was in the past, but failing that, the next best time to do it is today. To that end, Armis has created the complimentary Critical Infrastructure Protection Program (CIPP) as part of an all-hands-on-deck effort to support the USA CISA's Shields Up recommendations. Those CISA recommendations are as applicable to critical infrastructure providers outside the USA as well. CIPP is available to critical infrastructure providers operating in NATO member states.?

?

?

The Armis Critical Infrastructure Protection Program?

?

Armis CIPP is designed to address critical infrastructure providers' cybersecurity needs and gets delivered in conjunction with specialist partners. CIPP enables organisations to identify all the assets on their network (IT, IoT, and OT), evaluate risk, and delivers advice on steps that organisations should take to close cybersecurity gaps.??

?

CIPP delivers access to:?

?

• Armis? unified asset intelligence platform?
• Operational Technology (OT) Policy Library?
• Unlimited virtual collectors for passive network traffic analysis within IT or OT segments?
• Additional on-prem hardware available on request (additional fees may apply) within OT segments?
• Vulnerability, threat detection, and threat intelligence engines?
• Armis Security Architect and Deployment Manager?
• Access to the Armis partner community for detection, incident response, and forensic services?
• Pre-built integrations for existing security platforms, such as scanners, firewalls, NACs, WLC, endpoint protection, and MDR solutions?

?

?

Discovering Your Risk Profile?

?

When an organisation deploys Armis CIPP, it will quickly get access to the information and activities outlined below:?

?

• Expose the unknown – full inventory of all wired and wireless devices connecting to the critical infrastructure?
• Understand risk – full device risk analysis, including vulnerability and behavioural analysis?
• Device connection study report – expose vector of attack with device connectivity and interdependency mapping?
• Segmentation and boundary analysis – actionable analysis to fortify boundaries and eliminate unauthorised connections?
• Software and hardware gap analysis – understand hidden software and hardware gaps and risks?
• Compliance support – Documentation and intelligence to comply with multiple compliance and regulatory requirements?
• Automated threat responses – alerts of real-time threats and exploits forwarded to your SIEM, SOAR, or xDR solution?
• Advanced reporting and analysis – reports to satisfy compliance, regulatory, and auditing requirements?
• Timely response to threat activities and incident response??

?

Policies and responses incorporated in CIPP come from the Armis Policy Library, which builds on the MITRE ATT&CK for ICS Tactics, Techniques, and Procedures. These pre-built libraries can trigger alerts, orchestrate remediation, and trigger detection and response services from the Armis CIPP partner ecosystem. ?

?

False positives and general alert noise are real problems on many networks and industrial control systems. The CIPP policies are designed to intelligently filter this noise and surface items that pose a real risk to an organisation, along with suggested actions.??

?

If you want to answer the question, "What do I have, and what is it doing?" about your critical infrastructure networks, then Armis CIPP will provide you with the answer. And with actionable items that you can implement to plug any gaps.?

?

?

Infosecurity Europe Conference 2022?

?

Armis are a headline sponsor of the upcoming Infosecurity Europe conference and expo that is happening in London from the 21st to the 23rd of June 2022. The Armis team will be in attendance, and it will be an excellent opportunity to meet with them and discuss your critical infrastructure cybersecurity strategy (as well as cybersecurity for other sectors!) ?

?

You can read more about Armis' activities at the conference and book meetings with the team on the Armis Infosec 2022 landing page.?

?

?

Find Out More?

?

Renaissance partners with Armis to make their cybersecurity solutions available in the Irish marketplace. While CIPP is focused on NATO members, the Armis platform is available to Irish organisations via alternate solutions. Contact us today to chat about the Armis platform tools or arrange for further information directly via an expert from their team.?