Industrial Control Systems Security (ICS security)

Industrial Control Systems Security (ICS security) is defined as the ability of organizations to secure their automation processes and related critical information from cyber intrusions for uninterrupted and sustained productivity of utilities, grids, transportation systems, and manufacturing plants. Industrial Control Systems security solutions cover various types of control systems used in industries for operations. Supervisory Control and Data Acquisition (SCADA), Distributed Control System (DCS), and Programmable Logic Controllers (PLC) are used to remotely manage critical industrial infrastructures from a central control room. Securing these systems has become a major concern in the present age of advanced persistent threats, such as Stuxnet and Havex RAT. The highly sophisticated and severe nature of these threats is prompting various security solution providers to customize their offerings according to industry demand.

Industrial Control Systems security solutions and software consist of a comprehensive array of technologies such as Distributed Denial of Service (DDoS) mitigation, Intrusion Detection System/Intrusion Prevention System (IDS/IPS), antivirus/anti-malware, firewall, virtualization security, Security Information and Event Management (SIEM), SCADA encryption, Unified Threat Management (UTM), Data Loss Prevention (DLP), Identity and Access Management (IAM), and others. Professional services for ICS security include offerings from primary operational support to entire lifecycle management services.

COMPETITIVE LEADERSHIP MAPPING TERMINOLOGY

More than 100 companies offering Industrial Control Systems Security Solutions were analyzed, of which 50 were shortlisted and categorized on a quadrant under Visionary Leaders, Innovators, Dynamic Differentiators, and Emerging Companies.

ABB, Belden, Check Point Software Technologies, Cisco Systems, Fortinet, GE, Honeywell, McAfee, and Siemens have been identified as visionary leaders as they have established product portfolios and a robust market presence and business strategy.

Kaspersky Lab, Bayshore Networks, Indegy, Nozomi Networks, Schneider Electric, and Symantec have been identified as innovators as these vendors have a very focused product portfolio. However, they do not have very strong growth strategies for their overall business.

BAE Systems, Carbon Black, CyberArk, Claroty, and SecurityMatters have been identified as emerging companies. They do not have very strong business strategies as compared to other established vendors. They might be new entrants and require some more time before gaining significant traction in the market. FireEye, IBM, Raytheon, Rockwell Automation, and Trend Micro have been recognized as dynamic differentiators.

The competitive leadership mapping (Quadrant) showcased below provides information for 50 major players offering Industrial Control Systems security solutions and software. Vendor evaluations are based on two broad categories: product offering and business strategy. Each category carries various criteria, based on which vendors have been evaluated. The evaluation criteria considered under product offering include product features and functionality, deployment, services, and pricing. The evaluation criteria considered under business strategy include reach (geographic presence), industry coverage, financial strength, and partner ecosystem. Products offered by these players are loaded with several features and capabilities.

VISIONARY LEADERS

Visionary Leaders generally receive high scores for most evaluation criteria. They have a strong product portfolio, a very strong market presence, and strong business strategies. They provide mature and reputable Industrial Control Systems security solutions and software. ABB, Belden, Check Point Software Technologies, Cisco Systems, Fortinet, GE, Honeywell, McAfee, and Siemens have been listed as visionary leaders.

INNOVATORS

Innovators demonstrate substantial product innovation as compared to their competitors. They have a very focused product portfolio. However, they do not have strong growth strategies for their overall business. Kaspersky Lab, Bayshore Networks, Indegy, Nozomi Networks, Schneider Electric, and Symantec have been categorized as innovators.

DYNAMIC DIFFERENTIATORS

Dynamic Differentiators are established vendors with very strong business strategies. However, they have a weak product portfolio. They generally focus on a specific type of technology related to the product. FireEye, IBM, Raytheon, Rockwell Automation, and Trend Micro have been considered as dynamic differentiators.

EMERGING COMPANIES

Emerging Companies have niche product offerings and are starting to gain their position in the market. They do not have strong business strategies as compared to other established vendors. They might be new entrants in the market and require some time to achieve significant traction in the market. BAE Systems, Carbon Black, CyberArk, Claroty, and SecurityMatters have been categorized as emerging companies.

Industrial Control Systems Security Solutions - VENDOR EVALUATIONS & SCORING AREAS

STRENGTH OF PRODUCT PORTFOLIO

  • Product Features & Functionality
    • This criterion evaluates each vendor’s current product capabilities, quality, and features/functionality. Vendors who offer a relevant suite of products across a diverse set of vertical markets are scored higher. Vendors offering distinguished features in multiple application areas, along with a wider solution set and partner ecosystem are also rated higher.
  • Deployment
    • This criterion evaluates each vendor’s offering which includes current services/products/solutions and its variants offered, type of pre-integrated systems (i.e. hardware, software specifications, and associated services), customized specifications, additional services related to the market, service subscription packages, and pricing details.
  • Services
    • A vendor's product quality is assessed based on industry standards along with the assessment of their pre- and post-sales service. It includes various ways using which each vendor offers technical support to customers. Frequency and various levels of customer support that complement market offerings are also taken into account while rating vendors. Along with this, Six Sigma and similar practices to improve the product quality also help improve a vendor’s rating.
  • Pricing
    • A vendor’s pricing options are evaluated under this criterion to understand the competitiveness and flexibility of the vendor to cater to various client requirements.

BUSINESS STRATEGY EXCELLENCE

  • Geographic Footprint
    • This is an assessment of the organization or business unit’s direct and indirect presence across five major regions: North America, Europe, Asia Pacific (APAC), the Middle East and Africa (MEA), and Latin America. It includes each vendor’s ability to deliver and deploy its offerings at client locations and provide customer support worldwide.
  • Sector Footprint
    • This is an assessment of the organization or business unit’s offerings across various sectors. It includes each vendor’s ability to deliver and deploy its offerings to the different verticals present in the market.
  • Partner Ecosystem
    • A vendor's strategy for delivering and deploying its offerings, including channels and partners to target a worldwide installed client base, is evaluated under this criterion. A vendor’s strategy to manage worldwide channels and address un-catered and new target audiences around the globe is also one of the factors that determines its score.
  • Financial Strength
    • This is an assessment of the organization or business unit’s overall financial health, and the size of its customer base. A vendor's revenue for the current financial year, specifically the revenue generated by the firm through their market offerings; estimated Y-o-Y revenue growth; revenue breakdown by region and industry verticals; and approximate number of customers installed are all evaluated prior to scoring. Along with this, a vendor’s developments over the past year, such as new product(s) launched, new customers acquired, patents registered, and R&D spending specific to the market, are also taken into consideration. A vendor’s future plans related to the targeted market are also considered for scoring.

The major functionalities that have been studied are as follows:


ANTIMALWARE/ANTIVIRUS

Antimalware/antivirus software is a critical component or layer of protection for securing ICS from external intrusions. Antimalware or antivirus software is used to prevent, detect, and remove viruses and other malware, such as rootkits, spyware, adware, Trojans, and worms. A virus is a program or a piece of code that is loaded into a system to infect computer programs and data files; it can cause unexpected shutdown of systems. Most industries across the globe are suffering from virus and malware attacks. Hence, it is important for businesses to install and update their antivirus programs to defend themselves from virus attacks. Stuxnet, Duqu, Shamoon/Disttrack, BlackEnergy, and Night Dragon are some of the viruses that usually target ICS networks. For instance, in December 2016, the Ukrainian electric power industry was attacked, in which hackers targeted the electric power industry with the BlackEnergy Trojan. Therefore, there is a high need for antivirus software to secure industrial processes. Vendors such as Symantec, Kaspersky Lab, Trend Micro, and Fortinet actively install antivirus software into the control systems.

DISTRIBUTED DENIAL OF SERVICE MITIGATION

In recent years, DDoS attacks have become very frequent. DDoS attacks are usually generated from multiple connected devices that are scattered over the internet. DDoS focuses mainly on the network infrastructure and tries to saturate the network with huge volumes of traffic. Earlier, the primary targets of DDoS were financial institutions, but after many surveys on industrial security systems, it has been noticed that SCADA systems also face DDoS attacks. A recent survey estimated that the DDoS attacks on SCADA systems have doubled in the security space. For example, in 2017, the BBC website faced the largest DDoS attack in history, in which the network bandwidth was overloaded to around 602 Gbps, forcing the BBC to shut down the network. Furthermore, a network operator in Asia faced a DDoS attack in 2016, in which around 334 Gbps of network bandwidth was consumed. Protection against DDoS attacks is not an antidote, but a logical precaution, which is important for any organization that has a business dependency on internet services.

ENCRYPTION

A strong network architecture is needed to secure, monitor, and control the industrial processes in industries such as oil and gas, and water plants. The increase in highly interconnected networks between control networks and public networks results in exposure to various cyber threats and vulnerabilities within organizations. Encrypting the ICS helps mitigate common attacks, such as data theft and DDoS attacks, and provides high reliability, performance, and availability of these networks on-demand. In 2017, Check Point Software Technologies and RAD formed a partnership to offer an end-to-end cybersecurity solution using SCADA equipment. Market players such as Nozomi Networks, Fortinet, Alutech, and Thales offer SCADA encryption solutions to industrial control networks and other critical infrastructures.

FIREWALL

The integration of control system networks with corporate networks has increased cybersecurity vulnerabilities. These vulnerabilities expose various levels of industrial network architecture to a variety of cyber threats, including viruses, worms, and malware. Firewalls in industrial systems are mostly deployed between the industrial control network and the corporate network. Firewalls are devices or systems that control and manage the flow of network traffic that could disturb the security posture. They also help protect sensitive resources of an enterprise network from non-essential traffic, unauthorized users, and other compromised networks. Properly configured firewalls can prohibit unnecessary data from passing between networks, such as control and corporate networks. A Next-Generation Firewall (NGFW) is an integrated network platform that comprises all the capabilities of the traditional firewall, with the addition of extra functionalities, such as DPI, IPS, Secure Sockets Layer (SSL) and Secure Shell (SSH) interception, antivirus inspection, and Virtual Private Network (VPN). The firewall solution industry is facing stiff competition from one-stop security solutions, such as UTM, NGFW, and virtual firewalls. In 2016, Fortinet launched various firewall products, such as FortiWeb 4000E, 3000E Web Application Firewalls, and FortiGate-600D Enterprise Firewall, and also formed partnerships with Attivo Networks and BT to enhance its firewall products. Other market players such as McAfee, Check Point Software Technologies, and Bayshore Networks offer effective and in-depth defense firewall solutions for the ICS and SCADA networks.

IDENTITY AND ACCESS MANAGEMENT

IAM is an essential security solution for resource-driven environments, such as ICS/SCADA, smart homes, personal health monitoring, or the automotive industry. To better guard the control systems, automation, transmission, and distribution, the companies are required to be able to control access to their network resources. Examples of network resources include ICS, equipment, buildings, and IT, all of which have unique challenges that may be technical or political. IAM systems for these assets often exist in silos, and employees who manage these systems lack methods to effectively coordinate access to the devices and facilities in these silos, which may result in various security risks. To mitigate such risks, industrial enterprises must proactively protect and monitor privileged accounts that enable access to the industrial environments. This is the reason for which IAM has the fastest growth rate in the Industrial Control Systems security solutions market. IAM reduces the risk of unauthorized access to critical systems, by securing and controlling access to privileged accounts. Many companies such as CyberArk and Symantec have implemented steps to provide secure remote access, while also decreasing the risk attached with malware.

INTRUSION DETECTION SYSTEM/INTRUSION PREVENTION SYSTEM

Modern industrial systems have started integrating the control system networks with the corporate enterprise networks. IDS/IPS technologies are used to monitor malicious behaviors and detect suspicious patterns that can compromise the security of a computer system/network. IDS/IPS tools, such as Snort and Office of State Security and Emergency and Coordination (OSSEC), provide protection against potential security threats. ICS and SCADA systems need to integrate these technologies to defend against the growing threat landscape. Information from systems or from networks is gathered, from which the possible security breaches are identified. The types of IDS/IPS systems are Network-Based Intrusion Detection System/Network-Based Intrusion Prevention System (NIDS/NIPS) and Host-Based Intrusion Detection System/Host-Based Intrusion Prevention System (HIDS/HIPS). The host-based types monitor hosts on the network, such as servers and workstations, whereas the network-based types monitor the traffic between the network and network components. Among the leading players, Fortinet entered into an agreement with BT in 2017 to provide intrusion prevention to their customers. Solution providers such as Check Point Software Technologies, Cisco, and FireEye also offer IDS/IPS solutions for securing the ICS and SCADA networks.

SECURITY AND VULNERABILITY MANAGEMENT

Security and vulnerability management is a proactive approach to secure sensitive data by eliminating the weaknesses of the network security, which include contingent cyber threats such as dormant malware attacks and other advanced invasion techniques. The process includes the checking and identification of risks along with mitigation and patching of unwanted software programs. Businesses rely on the solution to quickly assess and prioritize the vulnerabilities, along with scanning the network asset information, security configuration, and threat intelligence. This segment covers the products that scan devices such as servers and workstations or applications/software to uncover known as well as unknown vulnerabilities. Enterprises extensively adopt security and vulnerability management solutions across industry verticals, such as retail, BFSI, government and defense, manufacturing, healthcare, and energy and utilities, to safeguard their digital assets. The applications, endpoints, and networks of organizations are the most common targets of cybercriminals to penetrate the network and access confidential data. Security and vulnerability management is deployed in the IT infrastructure of both SMEs and large organizations. Moreover, organizations implement security and vulnerability management to categorize the level of security required to improve their security posture.

The contributing factors for the market growth of the solution are the increasing use of diverse operating systems, increasing volume of data, rapid adoption of Bring Your Own Device (BYOD) trend, growing number of mobile devices at workplace, and cloud computing. These expanding security threats are prompting businesses to adopt frequent assessment and monitoring of vulnerabilities in the systems.

SECURITY CONFIGURATION MANAGEMENT

Industrial network security relies heavily on asset discovery, which lays emphasis on keeping track of authorized devices. Security configuration management is extremely important for integrating IT and OT security and configuration. It brings together practices such as vulnerability assessment, automated remediation, and configuration assessment. Security configuration management helps enterprises in being compliant with PCI DSS, HIPAA, and SOX and following standards such as NIST and ISO 27001. Some of the significant security controls and plans defined in NIST SP 800-53 include configuration management policy and procedures, baseline configuration, configuration change controls, security impact analysis, security and configuration settings, and management plans. Some of the significant benefits include reduced IT management overhead; streamlined IT operations, which include network, OS, endpoint, and application management; automated security checks for firewall, patches, and logs; compliance management; and data protection.

SECURITY INFORMATION AND EVENT MANAGEMENT

The security of industrial systems has increased in recent years due to the rise in the number of cyber-attacks (Stuxnet 2010, Sasser 2004, and SoBig 2003). SIEM is a security approach that provides a holistic view of an organization’s IT security. SIEM provides a centralized view of real-time analysis of security alerts that are generated from network devices (switches, controllers, HMIs, and firewalls) and applications. It combines the necessary supporting technologies, such as vulnerability assessment and IDS, that are appropriate for industrial applications. Companies such as McAfee, CyberArk, and Siemens have collaborated with other companies to enhance the SIEM solutions for industrial systems. Other leading security vendors, such as Enterasys, Cassidian, AccelOps, and NitroSecurity, also offer SIEM solutions for smart grid control networks and other critical infrastructures.

WHITELISTING

Whitelisting refers to specifying a list of programs that are allowed to run on a computer system. Applications have to be explicitly approved by the administrators as legitimate before they can run on an enterprise or industrial system. The whitelisting methodology assigns a hash value to the software or application. If the hash in the whitelist matches the hash of the software program, then the program is allowed to run. Whitelisting is an important methodology to prevent zero-day attacks. Important steps in implementing whitelisting include identifying files that need to be monitored, programming decisions by either raising a red flag or blocking the software program, and providing security patches and security updates.
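The hash-matching decision described above, sketched as an added example (it is not from the original page or from any vendor's product). SHA-256 as the hash, the `Allowlist` class, its audit/enforce modes, and all file names and contents are assumptions constructed for illustration; it also shows why a patched binary must be re-approved before it will run.

```python
"""Hash-based application allowlisting (illustrative sketch, not a product)."""
import hashlib
import tempfile
from dataclasses import dataclass
from pathlib import Path


def sha256_file(path: Path, chunk_size: int = 65536) -> str:
    """Hash file content in chunks so large binaries are not loaded whole."""
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


@dataclass(frozen=True)
class Decision:
    path: str
    sha256: str
    action: str  # "allow", "flag" (red flag only) or "block"
    reason: str


class Allowlist:
    """Approved digests; 'audit' flags unknown files, 'enforce' blocks them."""

    def __init__(self, mode: str = "enforce"):
        if mode not in ("audit", "enforce"):
            raise ValueError("mode must be 'audit' or 'enforce'")
        self.mode = mode
        self._approved: dict[str, str] = {}  # digest -> administrator label

    def approve(self, path: Path, label: str) -> str:
        digest = sha256_file(path)
        self._approved[digest] = label
        return digest

    def revoke(self, digest: str) -> None:
        self._approved.pop(digest, None)

    def check(self, path: Path) -> Decision:
        deny = "flag" if self.mode == "audit" else "block"
        try:
            digest = sha256_file(path)
        except OSError as exc:
            # Fail closed: a file that cannot be hashed is never allowed.
            return Decision(str(path), "", deny, f"unreadable: {exc}")
        label = self._approved.get(digest)
        if label is not None:
            return Decision(str(path), digest, "allow", f"approved as {label}")
        return Decision(str(path), digest, deny, "hash not in allowlist")


def demo() -> dict[str, Decision]:
    """Run the checks against constructed files in a temporary directory."""
    results: dict[str, Decision] = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        hmi = root / "hmi_client.bin"  # constructed stand-in for an HMI binary
        hmi.write_bytes(b"constructed HMI client build 1.0")

        allow = Allowlist(mode="enforce")
        old_digest = allow.approve(hmi, "HMI client 1.0")
        results["approved"] = allow.check(hmi)

        # The decision is made on content, so the file name is irrelevant.
        copy = root / "renamed.bin"
        copy.write_bytes(hmi.read_bytes())
        results["renamed_copy"] = allow.check(copy)

        other_dir = root / "removable"
        other_dir.mkdir()
        lookalike = other_dir / "hmi_client.bin"  # approved name, other content
        lookalike.write_bytes(b"constructed unapproved content")
        results["same_name_other_content"] = allow.check(lookalike)

        # A vendor patch changes the hash: the update is blocked until the
        # administrator approves the new build and retires the old digest.
        hmi.write_bytes(b"constructed HMI client build 1.1 (patched)")
        results["patched_before_update"] = allow.check(hmi)
        allow.approve(hmi, "HMI client 1.1")
        allow.revoke(old_digest)
        results["patched_after_update"] = allow.check(hmi)
        results["old_build_after_revoke"] = allow.check(copy)

        # Audit mode raises a red flag instead of blocking.
        results["audit_unknown"] = Allowlist(mode="audit").check(lookalike)
    return results


if __name__ == "__main__":
    for name, decision in demo().items():
        print(f"{name:26} {decision.action:6} {decision.reason}")
```

Running in audit mode first and reviewing the flagged hashes before switching to enforce keeps a stale allowlist from stopping a legitimate control application.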

Industrial Control Systems Security Solutions Quadrant

Comparing 99 vendors in Industrial Control Systems Security Solutions across 377 criteria.


EVALUATION CRITERIA

The criteria below are most commonly used for comparing Industrial Control Systems Security Solutions tools.
  • Feature and Functionality
    • Development Tools
      • Network traffic anomaly detection tools
      • IOC detection tools
      • Log review tools
      • Outlier analysis tools
      • Reverse engineering tools
    • Core Features
      • Control systems
      • Security standards
      • Functionality
    • Integration
      • ODVA
      • FDT - Field Device Tool
      • EDDL - Electronic Device Description Language
  • Services
    • Pre Deployment
      • Regulatory compliance
      • Cyber attack simulation
      • Implementation
      • Design & Integration
      • Strategy consulting
    • Post Deployment
      • Support & Maintenance
      • Managed Security Services
      • Education & Training
      • Incident Response
  • Pricing
    • Per User
    • Outcome Based
    • Module Based
  • Deployment
    • Modes
      • Cloud
      • Hybrid
      • On-premise
    • Implementation Methodology
      • Risk and Threat Assessment
      • Risk/VaR Simulation
      • Risk Based Asset Classification

TOP VENDORS (99)

  • 1

    Cisco offers ICS capabilities through its IPS Industrial Signatures solution. IPS has been established as a vulnerability mitigation technique for over a decade and can protect ICS networks against threats, regardless of whether the underlying issue is in a traditional network component or specific to ICS. Cisco’s IPS Industrial Signatures solution provides rapid-response to mitigate attacks, while also maintaining the availability and integrity of critical assets.

    • Enterprise
    • California, USA
    • Founded: 1984
    • $10BN to $50BN
    • 50,001 to 75,000
  • 2

    Siemens offers ICS solutions through SIRIUS, a unique, comprehensive portfolio for ICS applications. Its strength lies in its modular design, which can be easily integrated into distributed systems. SIRIUS consists of monitoring and control devices, safety systems, position and safety switches, and commanding and signaling devices. Its control systems consist of multi-processor systems that contain simple combinable function blocks, such as simple mathematics or logical operations through motion control of all linear and rotational axes.

    • Enterprise
    • Bavaria, Germany
    • Founded: 1847
    • $50BN to $100BN
    • 1,00,001 to 5,00,000
  • 3

    The ISS SCADA security solution by IBM has three main components: Intrusion Prevention Systems, SCADA Assessment Services, and IBM Managed Security Systems. IBM Proventia Network Intrusion Prevention System (IPS) has the ability to protect systems from critical vulnerabilities or attacks, while IBM Managed Security Services for clients provides outsourced solutions for comprehensive real-time security management.

    • Enterprise
    • New York, USA
    • Founded: 1911
    • $50BN to $100BN
    • 1,00,001 to 5,00,000
  • 4

    Honeywell offers a vast range of ICS security products including advanced process control software, industrial flame monitoring sensors, switches and controls, automation lifecycle support services, control monitoring and safety systems, gas detection (fixed and portable), industrial wireless solutions, distributed control system, test and measurement sensors, application whitelisting and device control service, endpoint protection, industrial cybersecurity risk manager, managed industrial cyber security services, network security, and response and recovery.

    • Enterprise
    • New Jersey, USA
    • Founded: 1906
    • $10BN to $50BN
    • 10,001 to 15,000
  • 5

    ABB offers a wide range of products under its ICS security portfolio, such as Network Manager SCADA/Distribution Management Systems (DMS), SCADA/Energy Management Systems (EMS), SCADA/Generation Management Systems (GMS), and ABB Control Systems 800xA. Its ICS security services include consulting services, maintenance services, professional services, remote monitoring services, and support services. ABB offers safe, effective, and enhanced operation of electric power systems through its SCADA/Energy Management System (EMS). EMS provides an open platform that enables smooth integration with other utility information systems while offering enhanced security levels.

    • Enterprise
    • Zurich, Switzerland
    • Founded: 1988
    • $10BN to $50BN
    • 10,001 to 15,000
  • 6

    Trend Micro offers a security platform, Trend Micro Consumer Connect (TMCC) for the telecom industry. It protects connected home environments using a threat intelligence system (Trend Micro Smart Protection Network) that protects communications and secures devices. This platform also delivers additional integrated security services.

    • Enterprise
  • 7

    Symantec provides ICS security solutions both for operators, to secure their plants and infrastructure, and for equipment vendors, to increase the security of their products. Symantec’s Critical System Protection (SCSP) helps plant/infrastructure operators protect their equipment from sophisticated attacks. SCSP offers robust, signature-less, and host-based protection in managed and unmanaged scenarios, without compromising the device’s performance. Some of the key features of SCSP are application whitelisting, application-specific network firewall controls, integrated host-based firewall, USB device whitelisting, auto-sandboxing, anti-exploit mitigation techniques, and deep application discovery.

    • Enterprise
    • 1 to 50
  • 8

    Fortinet’s ICS security or SCADA solution protects ICS from advanced threats. Its appliances are highly reliable for harsh environments and compliant with Federal Information Processing Standard (FIPS) 140-2 and Common Criteria Evaluation Assurance Level (EAL) 4+. The solution is easy to deploy and manage, with tightly integrated security, networking, wireless, and admission control capabilities that can track devices and the traffic they produce.

    • Enterprise
    • California, US
    • Founded: 2000
    • $1BN to $5BN
    • 45,001 to 50,000
  • 9

    General Electric provides ICS solutions that help improve the operational efficiency of an organization through asset optimization, enhanced process performance, and increased productivity. Predix, a flagship product launched by the company in 2016, combines cutting-edge technology with industry experience to rapidly analyze machine-grade data and deliver faster outcomes. General Electric mainly caters to the healthcare, power generation, and manufacturing sectors. Its products are flexible and inexpensive and offer better productivity and lower risk as compared to products from its competitors.

    • Enterprise
    • Massachusetts, USA
    • Founded: 1892
    • More than $100 BN
    • 1,00,001 to 5,00,000
  • 10

    McAfee’s Database and Endpoint Security offers real-time protection to business-critical databases from external, internal, and intra-database exploits. The solution delivers robust security and constant compliance without the need for architecture changes, expensive hardware, or downtime.

    • Enterprise
    • California, US
    • Founded: 1987
    • $1BN to $5BN
    • 5,001 to 10,000
  • 11

    Check Point uses security gateways, application control, unified central management, asset and anomaly detection, intrusion prevention, and secure harsh environments with 1200R to protect ICS networks from cyber attacks and malicious threats. Its 1200R solution delivers rugged, comprehensive security to most environments.

    • Enterprise
    • Tel Aviv, Israel
    • Founded: 1993
    • $1BN to $5BN
    • 1,001 to 5,000
    • $14,490.00 - $16,181.00
  • 12

    Kaspersky Industrial CyberSecurity is a solution developed for critical infrastructures and industrial equipment. This solution combines a variety of conventional security technologies. Device access control is also included in this solution which helps customers monitor connections to portable data storage media and peripheral devices. Kaspersky Industrial CyberSecurity provides cybersecurity across all network levels.

    • Enterprise
    • Moscow, Russia
    • Founded: 1997
    • $500MN to $1BN
    • 1,001 to 5,000
  • 13

    Belden’s Industrial Cyber Security solution portfolio safeguards and supports industrial networks, PCs, critical endpoints, and industrial controllers while simultaneously maintaining reliability in delivery, high availability, and operational resilience.

    • SME
    • 5,001 to 10,000
  • 14

    The visibility, analytics, and automation delivered through Rapid7’s Insight Cloud help security teams reduce vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate routine tasks.

    • SME
    • 501 to 1,000
  • 15

    FireEye’s solutions for critical infrastructure and ICS are in pace with industry standards and federal regulations to protect complete network environments. The company provides comprehensive solutions which protect important assets from cybersecurity threats.

    • Enterprise
    • 1,001 to 5,000
  • 16

    Microsoft’s cloud-based machine learning and artificial intelligence applications help detect and stop millions of threats that can infect networks. In-depth analysis from Microsoft Security Intelligence helps protect modern workplaces across its entire attack surface, securing identities, endpoints, cloud apps, and infrastructure.

    • Enterprise
    • Washington, USA
    • Founded: 1975
    • More than $100 BN
    • 1,00,001 to 5,00,000
  • 17

    Nozomi Networks offers an ICS solution called SCADAguardian. It safeguards control networks from cyber-attacks and operational disruptions by analyzing passive network traffic and rapidly detecting cyber threats. It offers real-time network visualization by improving system awareness and understanding network structure and activity. It also helps monitor network and ICS by providing comprehensive cybersecurity and reliability monitoring.

    • Startup
    • California, US
    • Founded: 2013
    • Below $10 MN
    • 51 to 100
  • 18

    Sentryo is a unique provider of solutions dedicated to managing the cyber risk of M2M networks and Industrial Control Systems (ICS). The company’s ICS CyberVision solution offers control engineers complete visibility over all equipment connected to their industrial networks, enabling them to identify threats and make the right decisions to ensure the integrity of their systems. The solution also uses artificial intelligence and machine learning algorithms to gain a real-time understanding of the state of the industrial facility, analyze alarms, and control the security of the infrastructure.

    • Startup
    • Founded: 2014
    • Below $10 MN
    • 1 to 50
  • 19

    Corero’s product, the Corero SmartWall Threat Defense System (TDS), protects network infrastructure, online services, and confidential data from DDoS attacks. The Corero technology is on par with industry standards on all fronts. Corero provides a comprehensive solution. In a good network design, natural “collapsed inspection points” are inherently created by the devices that provide the segmentation between the different levels. Instead of deploying first- or even next-generation firewall technology between the levels, transparent inspection technology is imperative to protect against the wide array of electronic threats facing ICS components today.

    • Startup
    • Massachusetts, US
    • 501 to 1,000
  • 20

    Indegy developed a cybersecurity platform that provides comprehensive visibility into the critical control plane of Operational Technology (OT) networks to identify threats that place the safety, reliability, and security of ICS at risk. The Indegy Cyber Security platform provides automated and centralized threat monitoring and anomaly detection capabilities. It enables organizations to protect their physical processes from external threats by maintaining comprehensive visibility and oversight of all the activities on OT networks anywhere in the world.

    • Startup
    • New York, US
    • Founded: 2014
    • Below $10 MN
    • 1 to 50
  • 21

    F5 Networks provides security to data, applications, and businesses. The company deploys its services with partners such as Amazon Web Services, Azure, RedHat, and VMWare.

    • Enterprise
    • Washington, US
    • Founded: 1996
    • $1BN to $5BN
    • 1,001 to 5,000
  • 22

    Schneider offers an open, interoperable, and IoT-enabled platform called EcoStruxure that helps connect businesses, making them efficient, sustainable, safe, and more reliable.

    • Enterprise
  • 23

    Northrop Grumman offers a SPUDS (SCADA Protocol Unique Digital Signature) tool that monitors and protects Industrial Control Systems (ICS) against malicious activity. The tool is a combination of software and hardware components that continuously monitors an organization’s network to detect insider threats and anomalous and malicious code.

    • Enterprise
    • 75,001 to 1,00,000
  • 24

    Raytheon’s High Speed Guard Industrial Control System, an accredited software solution, offers highly complex, unidirectional or bi-directional automated data transfers between multiple physically segregated networks. Features such as rapid and automatic data transfer, compatibility with diverse communication systems, and low administration cost make High Speed Guard an ideal choice for production-critical systems. This solution also establishes rapid output and low-latency transfer rates.

    • Enterprise
    • Massachusetts, USA
    • Founded: 1922
    • $101MN to $500MN
    • 10,001 to 15,000
  • 25

    Bayshore’s Industrial Cyber Protection Platform provides security against existing cyber threats and risks. It uses a Policy Engine to actively block unauthorized communications on the network, while simultaneously providing alerts to enable IT teams to take appropriate action. The main advantages of the platform include logic-rich policy-based security and inspection of industrial application traffic.

    • Startup
    • New York, US
    • Founded: 2012
    • Below $10 MN
    • 1 to 50
  • 26

    Darktrace’s major offerings are Darktrace Enterprise, an artificial intelligence cyber defense solution that uses AI and ML to protect networks, and Darktrace Industrial, a specially designed offering used to identify threats and vulnerabilities in SCADA systems and IT networks. In addition to these solutions, it also offers Darktrace Cloud, Darktrace SaaS, and Darktrace Antigena. The company has adapted innovative mathematical models to ICS data for machines, networks, and users within environments, which spot previously unidentified anomalies in real time.

    • SME
    • California, USA
    • Founded: 2013
    • $11MN to $50MN
    • 501 to 1,000
  • 27

    SecurityMatters provides a highly advanced threat monitoring and intelligence platform called SilentDefense that protects ICS/SCADA networks through Deep Packet Inspection (DPI) technology. The platform has a large number of ICS threat indicators that safeguard asset owners from critical cyberattacks, network errors, and operational faults.

    • Startup
    • Brabant, Netherlands
    • Founded: 2009
    • Below $10 MN
    • 51 to 100
  • 28

    Rockwell offers a modern Distributed Control System (DCS) known as PlantPAx that seamlessly integrates critical process areas and the balance of plants into a common automation platform. The DCS connects process, discrete, power, information, and safety control into one plant-wide infrastructure. Rockwell’s PlantPAx offers a range of architecture options and scalable system capabilities.

    • Enterprise
    • Wisconsin, US
    • Founded: 1903
    • $5BN to $10BN
    • 20,001 to 25,000
  • 29

    CyberArk provides a security solution that manages privileged access to IT environments. It is scalable and protects networks from malware threats. It also addresses vulnerabilities between IT environments, industrial control systems, and remote users. CyberArk’s Core Privileged Access Security Solution is used by many organizations to protect their digital assets.

    • SME
    • 1,001 to 5,000
  • 30

    Dell is a major technology-driven company providing a computing platform for the outdoors. The company provides a security solution that can be deployed in any outdoor setting without changing the existing power connectivity.

    • Enterprise
    • Texas, USA
    • Founded: 1984
    • $50BN to $100BN
    • 1,00,001 to 5,00,000
  • 31

    Positive Technologies' ICS security portfolio consists of 2 products, namely, MaxPatrol for vulnerability and compliance management, and PT ISIM for cyber threat detection and incident response. It also provides ICS/SCADA security assessment and forensic investigation services.

    • Enterprise
    • Framingham, Massachusetts, US
    • Founded: 2000
    • $51MN to $100MN
    • 1 to 50
  • 32

    Veracity offers best-in-class security through a centralized command center for industrial control systems. The company also offers an industrial network platform to improve the reliability, efficiency, and security of industrial networks and devices.

    • Startup
    • Oklahoma, US
    • Founded: 2006
    • 1 to 50
  • 33

    AlertEnterprise delivers Information Technology and Operational Technology (IT-OT) Convergence for Corporate and Critical Infrastructure Protection. It also eliminates silos and uncovers blended threats across IT Security, Physical Access Controls, and Industrial Control Systems for true prevention of insider threats, fraud, theft, sabotage, and acts of terrorism.

    • Startup
    • California, US
    • Founded: 2007
    • $11MN to $50MN
    • 51 to 100
  • 34

    FDT Group is an international not-for-profit organization that consists of leading member companies active in industrial automation manufacturing. The main goal of the organization is to provide an open and non-proprietary standardized interface to integrate field devices with engineering, automation, and asset management systems.

    • Startup
    • Brussels, Belgium
    • Founded: 1998
    • 1 to 50
  • 35

    DriveLock SE is a leading IT firm specializing in IT and data security with a strong focus on the continuous improvement of its products. Conventional security training is expensive and is neither effective nor practical, as it is seldom conducted in direct connection with a relevant attack. Employees often see it as superfluous, aggravating, or irritating, and it does not require their active participation. DriveLock Smart SecurityEducation, by contrast, is a simple, flexible, centrally managed solution that is continuously available online or offline.

    • Startup
    • Munchen, Germany
    • Founded: 1999
    • $11MN to $50MN
    • 501 to 1,000
  • 36

    Dragos’ Worldview is a dedicated ICS intelligence offering that provides defenders with contextual reports and IOCs to further illuminate adversarial behavior and enable appropriate detection and preventative measures. Its Threat Operations Center includes services such as threat hunting, incident response, and training.

    • Enterprise
    • Maryland, US
    • Founded: 2016
    • Below $10 MN
    • 51 to 100
  • 37

    Akamai offers security services to protect websites, mobile infrastructure, and APIs. These services are trusted by various asset managing companies, insurance companies, and financial technology companies.

    • Enterprise
    • Massachusetts, US
    • Founded: 1998
    • $1BN to $5BN
    • 5,001 to 10,000
  • 38

    Lockheed Martin Corporation is a global security and aerospace company that offers full-spectrum cyber capabilities and cyber resilient systems to the intelligence community and global security customers. The company secures platforms, systems, networks, and data of businesses through various innovative products.

    • Enterprise
    • 1,00,001 to 5,00,000
  • 39

    Mimecast provides an expanded cloud suite that helps make email communication safer, restoring trust and bolstering cyber resilience. Its web security, archive and data protection, awareness training, and uptime assurance services help organizations battle cyber attacks with ease.

    • SME
    • London, UK
    • Founded: 2003
    • $101MN to $500MN
    • 1,001 to 5,000
  • 40

    Juniper Networks offers products and services for high-performance networks that enable customers to build scalable, reliable, secure, and cost-effective networks for their businesses. The company offers services and products in the Cloud, Service Provider, and Enterprise verticals. Juniper Networks also offers services, including maintenance and support, professional services, and education and training programs.

    • Enterprise
    • California, USA
    • Founded: 1996
    • $1BN to $5BN
    • 5,001 to 10,000
  • 41

    Claroty provides comprehensive security solutions that enable IT teams to detect, control, and protect an organization’s networks. It uses an advanced CoreX engine for its Claroty Platform specially designed for large industrial networks that can continuously monitor and analyze networks to detect vulnerabilities.

    • Enterprise
    • New York, US
    • Founded: 2014
    • Below $10 MN
    • 101 to 500
  • 42

    ESET is a pioneer in IT security and the maker of award-winning proactive technology. Its security solutions protect over 100 million computer users–businesses and consumers–in more than 180 countries, enabling them to enjoy safer technology. ESET's goal is to make sure that everybody can enjoy the opportunities that technology offers.

    • Enterprise
    • 501 to 1,000
  • 43

    Cylance provides security recommendations based on the threats a business faces, along with measures that can be deployed according to its infrastructure.

    • SME
    • California, US
    • Founded: 2012
    • $51MN to $100MN
    • 501 to 1,000
  • 44

    Airbus offers ICS solutions such as ICS Security Risk Analysis and ICS Security Maturity Check. Airbus’ ICS solutions help customers uncover weaknesses and flaws in their industrial systems. ICS Security Risk Analysis helps customers with document analysis, risk analysis, data analysis, reporting, and risk evaluation.

    • Enterprise
    • Leiden, Netherlands
    • Founded: 1970
    • $50BN to $100BN
    • 1,00,001 to 5,00,000
  • 45

    Maverick is one of the leading providers of industrial security solutions for manufacturing industries. The company develops industrial security policies and procedures, facilitates training and awareness, and offers vulnerability and patch management to control testing/simulation environments.

    • Enterprise
    • Illinois, US
    • Founded: 1999
    • $51MN to $100MN
    • 501 to 1,000
  • 46

    The CyberX platform is the simplest, most mature, and most interoperable solution for auto-discovering assets, identifying critical vulnerabilities and attack vectors, and continuously monitoring ICS networks for malware and targeted attacks. CyberX also provides seamless integration with existing SOC workflows for unified IT/OT security governance.

    • Startup
    • Massachusetts, US
    • Founded: 2013
    • Below $10 MN
    • 51 to 100
  • 47

    Carbon Black safeguards industrial control systems from upcoming external threats without interrupting their availability. The company’s solutions follow strict regulatory compliances and ensure strict control of critical, high-risk systems.

    • SME
    • Massachusetts, US
    • Founded: 2002
    • $51MN to $100MN
    • 501 to 1,000
  • 48

    BAE Systems offers a military-grade ICS solution called IndustrialProtect that is designed to safeguard industrial control systems against cyber attacks using cutting-edge technology across oil refineries, power plants, and manufacturing plants. IndustrialProtect is the only solution that provides all necessary security controls in a single appliance and delivers unrivaled security enforcement. BAE Systems has a strong cybersecurity portfolio that helps customers safeguard their industrial systems from cyber threats.

    • Enterprise
    • 501 to 1,000
  • 49

    IYS Control Systems uses PLCs, embedded control, Windows PC, and Windows Mobile Devices, as well as low technology, to offer solutions to different businesses. IYS’s design software includes SolidWorks 3D CAD, Altium Schematic Capture, Altium PCB Design, Altium FPGA Design, AutoCAD 2D, and Visual Studio for PC-based systems.

    • Startup
    • Essex, UK
    • Founded: 2001
    • 1 to 50
  • 50

    Nation-E offers cybersecurity for critical infrastructure and the Internet of Things. The company focuses on the detection and mitigation of real-time data vulnerabilities, preventing the operational and financial impact caused by malicious attacks. Solutions provided by the company cover Supervisory Control and Data Acquisition (SCADA) systems, Programmable Logic Controllers (PLC), and Communication Hubs. Nation-E’s ICS solutions secure the blind spot between IT and OT systems and provide maximum protection to systems designed without cybersecurity in mind.

    • Startup
    • Tel Aviv, Israel
    • Founded: 2012
    • $11MN to $50MN
    • 1 to 50

TOP REVIEWS

Chief Product Officer, Company Name Classified
#5 in Industrial Control Systems Security Solutions

“Good process overview”

Rating: 5/5
ABB’s S+ Operations offers arranged and detailed process overview displays to present situational awareness and recognition anywhere in the water facility.
Vice President - Marketing, Company Name Classified
#2 in Industrial Control Systems Security Solutions

“Better Anomaly Detection solution”

Rating: 5/5
The Siemens Secure-NOK SNOK® Network Anomaly Detection solution runs on the RX1500 Application Processing Engine (APE) module. This APE is x86-based and is designed to use a single-line module slot in a Siemens RUGGEDCOM RX1500 device. It is capable of hosting various cyber security solutions such as Next Generation Firewalls and identity-based cloaking solutions. SNOK® Network Anomaly Detection helps Siemens RUGGEDCOM RX1500 with an additional critical layer for its security application capability.
Internal Analyst, MnM
#17 in Industrial Control Systems Security Solutions, 9 Reviews

“Real-time monitoring and cyber security services”

Rating: 5/5
MSSPs are empowered by the Nozomi Networks solution to provide real-time monitoring and cyber security services for OT networks. It is a multitenant application that provides best-in-class ICS threat detection.
Other, Company Name Classified
#2 in Industrial Control Systems Security Solutions

“Robust and easy to use”

Rating: 5/5
Siemens’ modern Distributed Control System is robust and easy to use once integrated with all tools. Siemens’ SIMATIC PCS 7 is a process automation software that enables advanced process control, virtual commissioning & process simulation and also monitors plant performance through one integrated engineering system.
Internal Analyst, MnM
#10 in Industrial Control Systems Security Solutions

“Best firewall solution”

Rating: 5/5
McAfee Firewall Enterprise uses SecureOS and Type Enforced Access Control to ensure efficient security. SecureOS is a UNIX operating system; it uses Type Enforcement security technology that is patented. This ensures superior network security without the need for emergency security patches.
...

Marie Stelle

Engagement Partner - 360Quadrants.com