Back in 2016, the European Union legislated the first network and information security directive for EU Member States. Key critical infrastructure sectors such as energy and healthcare responded by upgrading cybersecurity. Since then, OT zero trust has become the “go-to” standard exceeding expectations across Europe and beyond. Sector leaders realize that the OT zero trust philosophy of never trust, always verify is proving capable of safeguarding critical systems in more and more complex and threatening circumstances. Connecting devices to the internet promises advances in production but it also opens systems to outsider and insider attacks. Even though bad actors may be physically far away, they can connect through the internet as if they were sitting at a console in the control center. Many types of OT equipment may not be capable of self-protection and IT anti-malware was never designed for the rigors of a production environment. Air-gapped and legacy systems would be sitting ducks if not for the powerful protection of OT zero trust security devices.
Trend Micro Portable Security 3 (TMPS 3) plugs into a USB port to scan and wipe out malware. During inspection, TMPS 3 automatically initiates regulatory compliance procedures by taking an inventory of preinstalled firmware and software. The inspection happens in ‘stealth mode’ without impacting production schedules. Inventory data feeds threat analyzers that use machine learning to find the best known protections for all types of vulnerabilities, from common ransomware to zero day hacks to new types of attack schemes. Trust lists are generated autonomously. Within 48 hours cyber security coverage is complete and learning never stops as new threat intelligence becomes available security controls improve. This smart feedback loop keeps readiness high and paves the way for compliance with new cybersecurity regulations.
In May 2022, the EU added eight more sectors plus stricter accountability for security management. The Network and Information Security Directive (NIS 2) also requires more coordinated vulnerability disclosure throughout all sectors and stronger supply chain controls [1]. Organizations using TMPS 3 to inspect every device before it is deployed are already in compliance, stopping supply chain attacks before they start. OT zero trust threat intelligence is busy investigating every vulnerability that it knows about and making educated guesses about how attackers will strike next.
For this reason, TMPS 3 devices have been widely adopted by industry leaders in transportation, pharmaceuticals, and other industry verticals where OT leaders wanted more reliable file transfers between stand alone systems in work facilities. Up to 64GB of AES-256 encrypted storage is available to ensure that files are confirmed clean before being transmitted.
Along with TMPS3, TXOne Networks’ portfolio of solutions based on the OT zero trust framework offers a full suite of cybersecurity products. Solutions like StellarEnforceTM and StellarProtectTM are monitoring systems guard endpoint assets while security appliances like EdgeFireTM and EdgeIPSTM tackle network security. These devices can understand OT-native network traffic and take action based on what’s going on at any moment. Just like the adaptive trust lists generated by TMPS 3, Stellar and Edge products generate trust lists that adapt based on every situation. The goal is to allow only trustworthy control commands to reach machines. Researchers and real-world referrals indicate that TXOne has a high track record for achieving this goal. And they are not the only ones making this judgment.
The prestigious SC Awards Europe 2022 named TXOne’s Stellar series ‘Best Endpoint Security’, and Trend Micro Portable Security 3 Pro was awarded ‘Best Regulatory Compliance Tools and Solutions’. The SC Awards Europe recognize and reward products and services that continue to stand out from the crowd, exceeding customer expectations to help defeat imminent threats and cyber-security attacks.
[1] Commission welcomes political agreement on new rules on cybersecurity of network and information system, 2022, https://ec.europa.eu/commission/presscorner/detail/en/ip_22_2985 (Accessed July 1, 2022)