Xage listed among NREL’s initial clean energy Cybersecurity Accelerator report

The U.S. Department of Energy’s National Renewable Energy Laboratory (NREL) released a public report outlining the procedures and outcomes of the first cohort of the NREL-led Clean Energy Cybersecurity Accelerator (CECA) program. Zero trust security firm Xage Security was one of three cybersecurity solution providers to participate in the first CECA cohort.

“Xage Security has participated in numerous programs in partnership with federal organizations to move the state of the art forward in cybersecurity for industrial control systems and critical infrastructure,” Roman Arutyunov, co-founder and senior vice president of products at Xage, wrote in a Monday company blog post. “From our participation in the Joint Cybersecurity Defense Collaborative (JCDC) with the Cybersecurity and Infrastructure Security Agency (CISA), to our ongoing work with the U.S. Department of Defense, U.S. Air Force, U.S. Space Force, and other agencies, Xage is committed to bringing Zero Trust cybersecurity to critical assets from the strategic core to the tactical edge across every critical infrastructure industry, including clean energy and renewable power.”

Xage is already delivering zero trust cybersecurity to clean energy-producing organizations, according to Arutyunov. “Just one example of this is Xage customer Leeward Energy, which is responsible for 25 Wind and Solar facilities driving over 2700MW of energy production. This and other customers in the renewable space have demonstrated that Xage’s Zero Trust Remote Access and Identity-based Access Control solutions can deliver security in challenging, highly distributed environments like those being embraced by the modern power industry,” he added. 

The testing conducted by CECA combined MITRE ATT&CK Tactics and Techniques into various scenarios to test the different phases and approaches an advanced persistent threat could take in an end-to-end kill chain. The attack scenarios were developed based on real-world observed attacks against operational assets.

Stressing the importance of designing systems that focus on protection to prevent breaches, CECA strongly advocates for a defense-in-depth approach that assumes a network breach will occur and places authentication and authorization mechanisms inside critical operational sites. Using identity-based access control with multi-factor authentication (MFA) not only at the perimeter but at every layer of the operational environment is an important step to hardening the overall system against attacks.

Arutyunov outlined that Xage offers defense-in-depth built for industrial control systems (ICS). The Xage approach not only detects but also prevents cyberattacks by controlling every interaction with every asset, including user-to-machine and machine-to-machine interactions, using a granular, identity-based access policy.

He added that every interaction is individually authenticated and authorized, and access policies are dynamically enforced. “Xage provides the option to require phishing-resistant MFA at every layer so that even if an attacker successfully gets past the IT security perimeter, they will be stopped by an MFA challenge at the OT DMZ or a subsequent layer before they can do harm.”

On the importance of placing protection as close to critical assets as possible, the CECA testing assessed the ability to place access control points at key locations in the environment, which is vital to blocking attackers from moving laterally.

Arutyunov said that Xage can be deployed at every layer of the environment, from cloud to IT, to DMZ to the OT edge, assuring that every device, including the furthest field assets, is protected against attacker compromise and lateral movement, even if the adversary has breached other layers of the environment.

On the point that detection alone is not enough to defend networks, the testing addresses eliminating implicit trust zones and establishing in-depth authentication for every asset interaction at multiple layers of the environment as a necessary approach to defending against breaches, including living-off-the-land attacks.

“Xage adheres to the principles of zero trust by only allowing asset interactions that are explicitly allowed by identity-based policy. Whether from user-to-machine or machine-to-machine, Xage proactively prevents attackers from moving laterally within an environment,” according to Arutyunov. “Additionally, Xage rotates credentials on a per-session or schedule basis to protect against credential compromise. When sessions are complete, accounts are disabled, credentials are rotated, and previously allowed interactions are blocked, further reducing the attack surface.”

He added that “an overarching takeaway from this testing is that those responsible for industrial cybersecurity need new tools and approaches built specifically for their needs. IT-centric approaches are not sufficient to protect these critical assets.”

Last week, Xage named entrepreneur and cybersecurity executive Geoffrey Mattson as CEO, bringing with him vast experience as a ‘leader’ in R&D, product development, and go-to-market (GTM). Mattson will help guide the company in its next phase of growth.
