Swimlane forms OT security automation solution ecosystem with 1898 & Co., Nozomi Networks, Dataminr

Security automation vendor Swimlane announced Monday the formation of an operational technology (OT) security automation solution ecosystem tailored to meet combined OT and IT security requirements within critical infrastructure environments. The company formed partnerships and integrations with 1898 & Co., Nozomi Networks, and Dataminr to deliver converged security orchestration and automation to protect OT and cyber-physical systems.

Working with each technology partner, Swimlane will develop a portfolio of pre-integrated solutions that customers can deploy either through managed services or add to their existing environment. 

Swimlane announced a technology integration with Nozomi Networks that combines low-code security automation with OT and Internet of Things (IoT) security. The combined solution makes it possible for industrial and critical infrastructure security operations to maintain continuous asset compliance and mitigate the risks of attacks from combined OT and IT entry points. The integration elevates the protection of OT and critical infrastructure to deliver real-time incident response capabilities, automated asset management, compliance and defense, and SOC automation suite and system of record. 

Swimlane aligns with 1898 & Co. for managed threat detection. 1898 & Co. has selected Swimlane as the core automation platform for their managed threat detection services. These services include the detection of both OT and IT-born threats, machine-speed threat validation and scoring, and rapid remediation of threats using OT response methods. 

With Dataminr, Swimlane leverages automated processes to mitigate risks and warn at-risk employees as soon as possible to ensure their safety. The cyber-physical threat response solution saves organizations crucial minutes when connecting with staff members who might be affected by a natural disaster, accident, social unrest, or other types of physical risk.

Commenting on the critical role that security automation plays in OT environments, Cody Cornell, co-founder and chief strategy officer of Swimlane, told Industrial Cyber that automation is essential for defending against growing cyber threats in the most effective and efficient way possible, especially given the large amount of OT and IT data and telemetry to analyze and the lack of cybersecurity expertise in the OT sector.

By integrating security automation at the center of their operations, businesses can get the most out of their current security staff and investments, improve team productivity overall, and gain more insight into their most important assets and essential infrastructure, Cornell added.

Detailing how it helps security operations teams within industrial organizations, as cyber threats grow in frequency and severity, Cornell said that Swimlane provides a security automation solution that gives these essential organizations the tools to defend against rising cyber threats effectively. 

“For example, integrating with Nozomi Networks makes it possible for industrial and critical infrastructure security operations to maintain continuous asset compliance and mitigate the risks of attacks from combined OT and IT entry points,” Cornell said. “The integration with Dataminr offers automated procedures to reduce physical risks and give at-risk employees the earliest possible warning to ensure their safety. When communicating with staff members affected by a natural disaster, accident, social unrest, or other physical risk, this cyber-physical threat response saves organizations valuable minutes.”

Cornell also pointed out that Swimlane’s integration with 1898 & Co. allows for industrial and critical infrastructure entities to be added to managed threat detection services backed by Swimlane security automation that are specifically designed to address OT-specific challenges. “These services include detecting both OT and IT-born threats, machine-speed threat validation and scoring, and rapid remediation of threats using OT response methods,” he added.

Explaining how the OT security automation solution ecosystem comes together, Cornell said that OT customers face three fundamental challenges. “First, the convergence of existing OT assets, greenfield cyber-physical technologies, and IT infrastructure and systems has exponentially expanded the surface for attacks on critical infrastructure. Second, this expansion places increased pressure on both OT and cybersecurity teams, as attacks can and often do emanate from either domain – forcing teams to unify detection and response processes in order to holistically defend the expanded environment. This recognition leads to the third challenge – how? How do they unify security operations processes in order to effectively protect their environment?”

“Recognizing this, Swimlane’s OT Cybersecurity Ecosystem seeks to align OT and IT cybersecurity threats, asset intelligence, and expertise to address solutions across the IT-OT landscape,” Cornell said. “By putting low-code security automation at the center of the solution and integrating with premier providers in OT security, including Nozomi Networks, Dataminr, and 1898 & Co., we can effectively enable OT security teams to unify threat detection and response, leveraging intelligence and telemetry from both the OT and IT environments.”

Gary Kinghorn, senior director of product marketing at Nozomi Networks, told Industrial Cyber that the key to maintaining continuous asset compliance is automating the asset visibility and monitoring process, especially as OT and IoT device counts increase.

“To reduce the attack surface you have to understand what is on the network and what vulnerabilities need to be addressed, and which vulnerabilities are severe enough to be prioritized,” according to Kinghorn. “This is an enormous amount of information that has to be kept up to date and correlated with global CVE data sources and remediation playbooks that have to be managed. Without a platform that can automate most or all of these efforts, it’s nearly impossible to stay ahead of the threats,” he added. 

Addressing the advantages of integrating low-code security automation with OT and IoT security across industrial and critical infrastructure environments, Kinghorn said that Swimlane’s low-code security automation is a great example of the increased automation that organizations are relying on to shore up their defenses because security teams can’t keep up manually, and will leave some risk profiles unaddressed. 

“Swimlane is an excellent complement to Nozomi Networks, which focuses on asset and vulnerability visibility, while Swimlane helps automate remediation efforts by automating incident response playbooks, manual attacks associated with threat intelligence, and alert triage,” according to Kinghorn. “All designed to address a growing threat landscape against a security tech staffing shortage.”

“Security teams chartered with protecting OT environments are struggling to keep pace with emerging threats given their limited resources,” Joshua Magady, practice technical lead at 1898 & Co., said in a media statement. “As cyberattacks on critical infrastructure continue to rise and the cybersecurity skills shortage prevails, we are excited to be working with Swimlane to provide automation solutions that give these important organizations the tools to defend against rising cyber threats effectively.” 
