Xage block attacks on critical infrastructure
Published by Sara Simper,
Editorial Assistant
World Pipelines,
Xage Security, the zero trust real-world cybersecurity company, has announced its new, industry-first multi-layer identity and access management solution to bring defence-in-depth to every asset in every layer of operational technology (OT) and industrial control system (ICS) environments. This innovation pairs with Xage’s existing multi-layer multi-factor authentication (MFA) to protect critical infrastructure, including the ability to stop attackers from compromising critical assets, even if the attackers have stolen privileged login credentials.
Today there’s an escalating siege of credential-based attacks on real-world infrastructure. Nearly every headline-making attack of the past two decades, from Target to Equifax to the Colonial Pipeline ransomware, has involved stolen or compromised credentials. In parallel, government directives from the likes of TSA, CISA and NIST have led critical infrastructure organisations not only to prioritise cybersecurity but specifically to seek out an “identity-first defence-in-depth strategy”. Ideally, this type of strategy leverages the latest in identity and access management (IAM) advancements for zero trust with granular access control over a complex and interconnected OT-IT-Cloud architecture.
“In operational environments where OT systems are increasingly interconnected with IT systems and the Cloud, it is imperative to strengthen defence-in-depth security measures to protect critical infrastructure”, said Jonathon Gordon, Directing Analyst at Takepoint Research. "Simply put, Xage enables the deployment of a new line of defence to secure OT-IT convergence. With its multi-layer access management solution, Xage markedly reduces risks due to a key attack vector, that of stolen credentials, designed to improve user experience without compromising cybersecurity, and supports OT-IT-Cloud interconnectivity securely for digital transformation initiatives.”
Operations teams struggle to evolve past their legacy perimeter-based approaches to access management. This causes users to be bogged down with multiple static credentials across OT and IT environments, making the whole environment vulnerable when attackers get inside the perimeter, potentially leaving administrators unable to implement modern security features such as MFA. Xage alleviates these traditional hurdles of executing an identity-based defence-in-depth strategy.
Xage multi-layer IAM addresses these challenges in an innovative way. The solution enables organisations to eliminate attacks on their critical infrastructure by delivering defence-in-depth security for their environments, while orchestrating protection across multiple identity providers, Microsoft AD instances, network security levels, and locations. By controlling, at a granular level, the access that each individual has, organisations are able to block credential-based attacks at earlier stages to limit damage and keep mission-critical services running.
“Large operational enterprises design systems for high availability and resiliency, yet they face the challenge of cyber hardening complex IT, demilitarised zone (DMZ) and OT environment layers that are increasingly coming under adversarial attack,” said Duncan Greatwood, CEO of Xage Security. “Add to that the federal regulations and guidance from TSA, CISA and NIST, and the urgency is clear for our multi-layer IAM to deliver unified cybersecurity mesh protection for disjointed OT/IT/Cloud environments. Organisations have the ability to realise zero trust with granular control, no matter how complex or layered their existing equipment and architectures.”
Critical infrastructure operators, for example, can use Xage multi-layer IAM to create separate identities (e.g. login credentials) at each layer and site with different admins to ensure that compromise of corporate IT credentials doesn’t result in compromise within OT. This also assures that compromise of one site does not lead to compromise of all sites (or even other assets at the same site). In addition, operations teams can reduce complexity in the access management flow for their personnel and improve user experience, as well as block attacks by taking advantage of the following unique capabilities offered by the new Xage solution:
- Orchestrate multiple identity providers (IdPs) and AD domains with different security zones or network layers, with an ability to configure different IdPs with different authentication protocols such as LDAP, SAML, and ADFS.
- Restrict asset visibility for all users until after they authenticate: Only allow local and remote users to see the assets and systems for a site or zone after they successfully authenticate against that site level AD and pass the site-level MFA challenge.
- Enable local users to authenticate with the local site level AD even if that site loses network connectivity.
- Enable local and remote users to use password-less, hardware-based, and biometric MFA through multiple hops that may be mapped to different IdPs.
Read the article online at: https://www.worldpipelines.com/business-news/20042023/xage-block-attacks-on-critical-infrastructure/
You might also like
Summit Midstream announces acquisition of Tall Oak Midstream
Tailwater Capital has announced that it has entered into definitive agreements with Summit Midstream Corporation, whereby Summit will acquire Tall Oak Midstream and its subsidiaries for a total consideration of approximately US$450 million.