The CRN Tech Innovator Awards honor standout products and services that have helped to move the IT industry forward. In compiling the 2017 Tech Innovator Award list, CRN editors evaluated 216 products across 32 technology categories using several criteria, including technological advancements, uniqueness of features, and potential to help solution providers solve end-users’ technology challenges. CyberX’s ICS Attack Vector Prediction technology took top honors in the IoT category.
Exclusive to CyberX, the company’s ICS Attack Vector Prediction technology incorporates proprietary analytics to perform automated threat modeling for ICS/SCADA networks. By generating a visual representation of all possible attack chains — ranked by risk — targeting critical operational technology (OT) assets such as pumps in oil & gas refineries and mixing tanks in pharmaceutical plants, it enables security teams to prioritize essential mitigations and simulate what-if scenarios to reduce their attack surface (e.g., “If I isolate or patch this insecure device, does it eliminate the risk to my ‘crown jewel’ assets?”). This enables more effective use of limited skilled OT resources during narrow maintenance windows. The technology is based on CyberX’s passive, agentless Network Traffic Analysis (NTA) which identifies all OT network and endpoint vulnerabilities without active scanning that can impact ICS/SCADA networks.
According to Gartner Inc., “The No. 1 issue in vulnerability management (and, arguably, IT security operations) is that organizations are not prioritizing their patching and mitigating controls, nor are they mitigating the exploitation of commonly targeted vulnerabilities. In short, organizations are struggling to figure out the delta between ‘what can I fix’ and ‘what will make the biggest difference, with the pragmatic reality of the time and resources that I actually have.’ The answer is a risk-based approach.”
CyberX’s ICS Attack Vector Prediction technology is provided as part of CyberX’s full-spectrum ICS security platform, which combines a deep understanding of industrial protocols, devices, and applications with ICS-specific asset discovery, continuous real-time monitoring and incident forensics, risk and vulnerability management, and threat intelligence. This unique approach reduces complexity by addressing all four requirements of Gartner’s Adaptive Security architecture — Prediction, Prevention, Detection, and Response — in a single holistic platform.
According to key CyberX channel partner GrayMatter in CRN, “Our customers are often concerned about what they don’t know. CyberX’s Attack Vector Prediction technology allows them to predict and visualize scenarios for real-time planning of operational cyberstrategy,” said Jim Gillespie, CEO of Pittsburgh-based GrayMatter. “It helps business leaders and OT personnel quickly understand the top threats to their most critical industrial assets, and how to most efficiently reduce their top risks.”
“This predictive breakthrough strengthens our customers’ operational resilience and opens up a huge opportunity for channel partners to grow their revenues in the $105 billion2 IoT market,” said Buck Watia, VP of business development at CyberX. “By prioritizing the top risks, our automated threat modeling technology helps partners sell their expertise and value-added services around best practices for proactively mitigating these risks, as well as implementing continuous monitoring as part of a multi-layered strategy for ongoing protection.”
“The vendors and products on CRN’s 2017 Tech Innovator list represent some of the most creative and forward-thinking achievements yet seen in the IT channel,” said Robert Faletra, CEO of The Channel Company. “We are honored to celebrate their ingenuity and the growth they are driving across the industry, from increased worker productivity and sales to expanded solutions for complex problems and trailblazing innovation.”
The Tech Innovator Awards will be featured in the December issue of CRN and can be viewed online at crn.com/techinnovators.
1Craig Lawson, “It’s Time to Align Your Vulnerability Management Priorities With the Biggest Threats”. Published: 09 September 2016 ID: G00310155.