New OTORIO patent allows continuous monitoring, assessment of cybersecurity risks, vulnerabilities

OTORIO announced last week that it secured a patent from the U.S. Patent and Trademark Office (USPTO) for its risk management model and attack graph analysis algorithm. The unique technology is said to calculate OT cybersecurity threats by analyzing and visualizing four key components – threat, likelihood, vulnerability, and impact – and provides risk mitigation actions prioritized according to actual exposure and potential impact on operations. These insights enable organizations to take proactive measures to safeguard their critical assets and processes.

With the U.S. Patent No. 11637853, titled ‘Operational Network Risk Mitigation System and Method,’ the Tel Aviv, Israel-headquartered OTORIO claims the approach sets a new standard in OT (operational technology) cybersecurity risk management. It said that by using its proprietary algorithm incorporating industry-standard metrics and adhering to the National Institute of Standards and Technology (NIST) CVSS (Common Vulnerability Scoring System) system for vulnerability scoring, the patented technology ensures compliance with industry standards and avoids the need for re-scoring of common risks.

Yair Attar, Leon Levitsky, Matan Dobrushin, Aviad Elizur, and Ido Peled are credited as the inventors of the OTORIO patent. 

Breaking down the patent, Attar, the company’s co-founder and CTO, told Industrial Cyber that OTORIO’s patent describes a Cyber Digital Twin technology that creates a virtual replica of an industrial control system (ICS) network, allowing for continuous monitoring and assessment of cybersecurity risks and vulnerabilities. “The technology uses real-time data from the ICS environment and applies advanced analytics to provide insights into potential threats and suggest mitigation strategies proactively. This approach helps to focus on the most practical call to action, assisting organizations to have better ROI on their existing security controls.”

OTORIO’s Cyber Digital Twin technology is a secure, sandboxed model of a company’s operational environment for safe (non-intrusive) breach and attack simulations (BAS) and data-driven impact analysis. It creates a holistic visual representation of an organization’s OT network topology, identifying segmentation gaps and attack vectors to critical assets and processes. 

The Cyber Digital Twin recommends practical steps for improving the security posture, such as restricting communication or hardening specific assets. The technology prioritizes risk mitigation according to the actual exposure of a company’s vulnerable assets and the potential impact on its operations.

The technology helps to eliminate blind spots within a company’s operational environment, improve the efficiency of risk-reduction efforts by prioritizing vulnerabilities and security gaps, proactively remove the most critical risks while providing clear, practical mitigation recommendations and delivering sandboxed analysis that safely predicts the impact of potential attacks and environment changes. 

It also improves ROI (return on investment) for existing security controls, helps optimizes processes, identifies misconfigurations and offers mitigation recommendations, provides immediate value through automated assessment of online and offline data, and minimizes noise and adds context for a better understanding of security posture.

Covering how OTORIO’s Cyber Digital Twin technology improves organizational cybersecurity posture in OT/ICS environments, Attar said that the technology improves organizational cybersecurity posture in OT/ICS environments by continuously monitoring and assessing cybersecurity risks and vulnerabilities. He added that “it enables organizations to identify and address potential threats and vulnerabilities before cyber attackers can exploit them. This proactive approach to cybersecurity helps organizations reduce the likelihood and impact of cyber attacks and protect critical infrastructure proactively.”

Attar also explained that OTORIO’s proprietary algorithm sets a new standard in OT cybersecurity risk management because it applies a proactive and comprehensive risk-based management approach. “It helps organizations focus on the risk that matters; while a lot of other solutions in the market focus on vulnerabilities, this approach focuses on exploitation vectors,” he added. 

“Based on advanced analytics, the algorithm identifies patterns that may indicate potential attack vectors and provides insights into the most effective mitigation strategies,” according to Attar. “The algorithm is constantly learning and adapting to new threats and vulnerabilities, making it an effective tool for managing cybersecurity risks in OT/ICS environments.”

Addressing the benefits of a comprehensive OT security posture assessment in terms of risk-informed operations for OT/ICS environments, Attar said that “OTORIO’s comprehensive OT security posture assessment delivers risk-informed operations by providing organizations with a detailed understanding of their cybersecurity risks and exploitation vectors, helping them understand what an attacker might be capable of doing.” 

Attar added that the assessment identifies potential threats and vulnerabilities that are exploitable and provides recommendations for mitigation strategies based on impact analysis and risk prioritization. “The benefits of this approach include improved situational awareness, reduced risk of cyber attacks, and enhanced resilience to cyber threats in OT/ICS environments.”

OTORIO disclosed in a blog post that the newly patented simulation model is central to the company’s platform, providing the core engine to quantify business risk. This risk-informed approach is vital in OT, where cybersecurity risks can affect business and operational resilience. The patent offers a unique view into the OT environment with ‘unparalleled visibility and control’ over potential cyber threats, enabling our clients to stay ahead of emerging threats. It also contributes to business and operational resilience, decreasing the likelihood of cybersecurity risk.

The OTORIO model has been crafted with the highest standards of safety and security in mind. It uses advanced mathematics, AI-driven analysis, anomaly detection algorithms, and other sophisticated techniques to identify threats and vulnerabilities in an operational environment. With its holistic approach to risk assessment, this model helps organizations reduce their overall exposure to cybersecurity risks and maintains compliance.

The OTORIO patent comes at a time when global cybersecurity agencies have published details in a technical advisory containing information that can be used to detect and prevent attacks involving the Snake malware, including a recent variant. The Snake implant is considered the most sophisticated cyber espionage tool designed and used by Center 16 of Russia’s Federal Security Service (FSB) for long-term intelligence collection on sensitive targets. Considered to be the most sophisticated cyber espionage tool in the FSB’s arsenal, Snake has been purpose-built to avoid large-scale detection.

Anna Ribeiro

Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.