Three Key Takeaways:
- The Biden-Harris administration has highlighted the importance of a comprehensive, risk-based approach to Critical Infrastructure security led by the Department of Homeland Security and informed by threat intelligence.
- Operational Technology has a unique set of requirements including, specialized protocols, maintaining mission-critical uptime and handling unique assets.
- The Armis platform and its suite of products are best placed to deliver on the holistic security initiative being proposed by the latest NSM.
The security and resilience of U.S. critical infrastructure have never been more targeted by cyber attacks. On 30th April 2024, building on the National Cybersecurity Strategy, President Biden issued a new National Security Memorandum (NSM) with the primary focus of formalizing and elevating the framework of Federal Organizations that work with Industry to protect our national critical infrastructure. The NSM establishes milestones for developing new authorities and incentives to ensure that in an “era of strategic competition”, the Federal risk-management and intelligence communities are acting in “a comprehensive effort to protect U.S. infrastructure against all threats and hazards, current and future.”
With this in mind, how is Armis, a leader in OT cybersecurity, stepping up to deliver on the objectives laid out by the Biden-Harris Administration? This blog explores Armis’ role and how it empowers critical infrastructure industries, and their respective CISOs, Vulnerability Managers, and Plant Managers to meet these new national security challenges head-on.
A New Blueprint for National Security
The latest NSM updates an 11-year-old presidential policy document on critical infrastructure protection, and enshrines the current sector-based approach in protecting U.S. infrastructure. Central to the NSM is the empowerment of the Department of Homeland Security, with the Cybersecurity & Infrastructure Security Agency (CISA) acting as the National Coordinator for Security and Resilience. This reiteration of commitment towards infrastructure resilience is not just timely but essential in the face of nation-state actors and increasing threats.
The Armis Vision for Operational Technology Security
The memorandum’s vision aligns perfectly with Armis’ mission to provide unmatched visibility and security across OT, IoT, and IT – the backbone of critical national infrastructure. Armis understands that a security platform should not only identify and counter threats but also provide a strategic framework to manage vulnerabilities proactively. This has been proven in both the external acquisition of technology that aids these capabilities and our own internal product roadmap. Here’s how Armis aligns with the latest directives:
Supporting Sector-Specific Risk Management
The reaffirmation of Sector Risk Management Agencies (SRMAs) under the NSM calls for specialized security approaches tailored to specific sectors.The memorandum specifically states that advancing critical infrastructure requires a risk-based approach and that risk assessments must consider all threats and hazards, likelihood, vulnerabilities, and consequences.
Armis Centrix™ for OT Security uniquely supports every stage of a ‘proactive risk-based’ approach, starting with a deep understanding of every asset within an organization’s network, streamlining risk prioritization, remediation and lifecycle management. The platform is enhanced with actionable threat intelligence for preemptive defense against potential cyber threats, enabling organizations to adopt an intelligence-driven approach to cybersecurity. Armis is empowering OT enterprises to stay ahead of cyber threats, using experience gathered in 40+ critical infrastructure industries to fuel innovation that ensures their digital assets and operations remain secure in the constantly evolving digital landscape.
Integrating Intelligence and Security
Following the NSM’s directive for intelligence sharing, Armis facilitates real-time threat detection and response by leveraging comprehensive asset intelligence. Through the platform, OT industries gain crucial insights into vulnerabilities, industry benchmarking and other security findings, enabling preemptive action against potential threats. This is showcased in the launch of a 5th product on the platform, Armis Centrix™ for Actionable Threat Intelligence – providing another layer of proactive defense to critical infrastructure environments. Not only does the Centrix platform collect and ingest information to improve global asset knowledge, the development of Armis Labs has created a unique stream of thought leadership and industry intelligence that can be relied on and acted upon by business leaders and decision makers.
Enhancing Resilience Through Technology
With a clear mandate from the NSM to bolster the resilience of critical infrastructure, Armis’ platform plays a key role. It not only secures networks but also ensures continuity and reliability in operations. In doing this, Armis directly contributes to the national agenda of building resilient infrastructures through the proactive securing of critical infrastructure processes.
Championing Minimum Security Requirements
The NSM highlights the criticality of enforcing minimum security standards. Traditional security tools cannot monitor industrial control systems (ICS) and OT since these assets cannot accommodate security agents. Armis CentrixTM allows agencies to passively identify and classify the make, model, firmware and location of every OT device on a network. This provides a secure foundation on which agencies can bolster their defenses in today’s volatile threat landscape.
Our Asset Intelligence Engine profiles 4B+ assets, and we add ~2.5M daily. This allows customers to move from reactive to proactive. Our use of AI predicts attacks by leveraging dynamic honeypots, dark web and HUMINT, the ability to cater to air gapped and converged environments, and hyper-efficient value packs that cater to specific OT environments.
Meeting the Moment Together
The Biden-Harris Administration’s NSM is a clear call to action for all stakeholders involved in safeguarding America’s critical infrastructure. As Armis continues to innovate and collaborate with industry partners, a holistic platform approach is more vital than ever in translating the ambitious goals of resilient-by-design into immediate and tangible security outcomes.
For operational technology industries, Armis offers not just a product but a partnership in the mission to secure and enhance the nation’s critical infrastructure. For Sector Risk Management Agencies, Armis provides visibility and experience in sector-specific security and cross-sector risk assessment.
To explore how Armis can help your organization, contact us today.