Trend Micro has announced a first-of-its-kind OT-native endpoint security solution, provided as part of its total security solution for smart factories. Developed by TXOne Networks, TXOne StellarProtect is designed to secure all OT endpoints, regardless of environmental conditions, for any mission-critical ICS environment.
The massive number of ICS endpoints in these working environments provides a large variety of attack surfaces, as they often include many unpatched or otherwise vulnerable devices. Disruption of these endpoints causes significant problems for manufacturers and can jeopardize the entire operation.
According to the Trend Micro 2020 annual cybersecurity report, the manufacturing industry became a primary target for highly infectious ransomware attacks, making it more important than ever to secure these assets with technologies tailored to their purpose.
“The ugly truth of ICS endpoint security is that there has not been any security solution specifically designed for the high-availability needs of modernized equipment in the OT environment,” said Akihiko Omikawa, executive vice president of IoT security for Trend Micro and chairman of TXOne Networks. “Cybersecurity solutions for ICS endpoints must consider three elements to meet industry expectations: low impact to performance, zero interruption, and all-terrain protection.”
The unique needs of the shop floor environment create challenges to finding protections that secure the work site while still giving the necessary priority to performance. Traditional solutions, such as signature-based antivirus, can identify known threats but require constant internet connectivity and frequent updates, which is simply not possible for mission critical assets.
Advanced machine learning-based solutions are able to identify anomalies and unknown threats quickly, but have a high rate of producing false positives that can easily interfere with operations. While application control or lockdown-based solutions are more streamlined and their trust list makes deployment straightforward, they also rigidly limit a machine to a specific purpose and so are only ideal for fixed-use systems. These single technology solutions serve many useful purposes, however are unable to provide the adaptivity necessary to both safeguard and accommodate the operational integrity of assets dedicated to production.
TXOne StellarProtect delivers uniquely ICS-native endpoint protection against both known and unknown malware via machine learning and ICS root of trust. To avoid redundant security scans and ensure minimal impact to performance, ICS root of trust collects over 1,000 ICS software certificates and licenses and verifies them in advance. StellarProtect requires no internet connection to defend against malware-free attacks due to its least privilege-based policies. Operational interruption from malicious attacks or even mis-operation by personnel is prevented by its built-in ICS application behavior learning engine.
“ICS endpoint security solutions must accommodate the needs of OT environments, not the other way around,” said Dr. Terence Liu, General Manager for TXOne Networks. “TXOne StellarProtect is setting a new milestone for endpoint protection in ICS security. We look forward to helping customers mitigate cyber risk in their environments without any disruption or adjustments.”