With a categorized OT asset inventory, United Airlines stays a step ahead of potential threats and regulatory directives
United Airlines operates in a highly regulated industry with new directives around cybersecurity expected to be forthcoming. Armis provides the organization with an up-to-date operational technology (OT) asset inventory of every device on the network. This helps the airline stay ahead of the curve in terms of compliance and decrease risk to the organization overall.
Headquartered in Chicago, Illinois, United Airlines is the third largest airline in the world by fleet size and number of routes. With over 800 planes, it operates regular flights to all six inhabited continents, serving 342 destinations in 48 countries.
The airline’s cybersecurity and digital technology teams are located in the Chicago area and Houston, Texas. Chris Peters, the principal architect for operational technology and industrial control system cybersecurity, has worked with the company for a little over a year and a half and has over 15 years of experience in cybersecurity. He is focused on maintaining security for the organization’s sprawling network of OT devices—in seven hubs spanning Chicago, Los Angeles, San Francisco, Houston, Chicago, and other locations.
According to Peters, the OT security team did not have a clear idea of all the devices in the OT network. The traditional network monitoring tools that were in place were not designed to build a comprehensive inventory of OT hardware and software. He acknowledged that, while it was possible to manually ping the IP addresses of every single known device and start analyzing its function and what it was communicating with, that would have been a monumental task.
Following a successful proof-of-value (PoV), United Airlines deployed Armis Centrix™.
Continue ReadingChallenges
- Building a complete and accurate OT asset inventory
- Categorizing OT assets
- General need to decrease risk to the organization
Results
- Provided deeper visibility into the large OT asset estate
- Enhanced security posture
- Helped prepare for new regulation and compliance requirements
- Prioritized vulnerabilities for the incident response team