Feature Promotion
Making an industrial difference Unidirectional gateway security blocking cyberattacks against control networks – Editor’s Insight interview with Lior Frenkel CEO, Waterfall Security CONTROL NETWORK ENVIRONMENTS
Lior Frenkel
32 | Asia Pacific Security Magazine
Framing the network environment will help focus your attention when explaining this technology. Waterfall Security is an industrial cyber security company. Industrial being the key term. Waterfall’s unique technology is used to protect the cyber and network perimeter for an Operational Technology, or OT, environment. The controllers of a physical environment, most commonly based on a SCADA (supervisory control and data acquisition) architecture for software application programs and process controls – is the network that controls machinery, plants and processing equipment. The critical infrastructure that gives us energy, power, water, transport and supply chain functionality. The OT networks may go by different names, depending on the different industry, but in essence, they all apply and operate in the same type of OT network environment. Within these critical network environments, there is a fundamental difference to that of any other network. The difference is their purpose. Yes, there are also computer networks, communication networks and in most cases, there is also real-time operating systems, applications and embedded propriety systems or special protocols, along with real time management systems. But in the end, this is not the main difference. In terms of an attacker’s perspective, the difference
remains on the purpose. The purpose of OT is to maintain, above all else, reliability, operability and safety. A power plant, for example, needs to be at peak performance, 24/7. Bad things happening within a power plant is intolerable. Yet, the purpose of an Information Technology, or IT, network, by its very name, is to process information. The management and processing of information, such as for a bank, is about processing financial transactions and customer data. When you put the difference in focus, the OT network manages a physical asset and an IT network manages a virtual asset. With an IT network, we can copy and move the asset (information), but for an OT network, the machinery, plant and equipment does not move and cannot be replaced quickly or cheaply, and cannot be ‘restored from backup’... To highlight the point, with a worst-case scenario, Lior Frenkel, CEO of Waterfall Security, explains it this way, “If I was to bomb a major Bank’s headquarters, however bad that would be, the bank’s network would most likely be up and running again within hours, as they come back online with their off-site back up servers and Disaster Recovery systems. Or like your home computer or smart phone that crashes or is lost. You should be able to recover your data and get back online within a very short time because your information and data is backed up and replicated. However, on a SCADA