A newcomer to ISC West this year was Wurldtech, a GE company, that helps oil & gas, transportation, utilities, healthcare and many other industries reduce their attack surface while playing a critical role in their long-term OT (Operational Technology) resiliency plan.
As the cybersecurity offering at GE, Wurldtech protects industrial infrastructure – power plants, jet engines, refineries, hospitals, CT and MRI machines – anything that is real-time and high criticality.
We spent some time with Wurldtech’s Founder & CTO, Nate Kube and their Director of Executive Communications, Connie Higgins.
When asked about why a cyber security provider, such as Wurldtech, was exhibiting at a primarily physical security conference, Nate shared his vision of how the converged world of IT and OT is now reaching out and pulling in physical security systems and sensors as one of a cyber asset’s concentric circles of protection. Physical security sensors such as alarm inputs, card readers, and camera feeds can all be integrated into an overall security strategy that works in concert to protect a critical asset and its infrastructure from a physical breach or cyber-attack.
Connie indicated that there may be other physical security shows in Wurldtech’s future. They will evaluate the results from this year’s ISC West to help them make that determination.
Wurldtech aims to provide the plant operator with “The Confidence to Connect.” Using the informal tag line “if you connect it, you need to secure it,” they came to the show looking for synergies that can be employed to the benefit of their industrial customer base.
In addition to seeing themselves as the premier company for protecting SCADA systems, they have a direct sales force that calls on hospitals, refineries, and rail companies. In addition, they have access to a 4000 person strong GE sales force.
Founded in 2006 and acquired by GE in 2014, Wurldtech launched their Industrial Managed Security Services (iMSS) for Industrial and Critical Infrastructure offering on April 4, 2016. Their iMSS leverages its innovative network security detection and prevention technology, christened OpShield. OpShield is designed to protect critical infrastructure control systems and assets and enable security management and monitoring for control systems, critical assets, and other embedded/connected devices.
Sold as managed security services specifically designed to complement the sales of industrial control systems, Wurldtech’s solutions help industrial operators and device manufacturers mitigate operational technology (OT) threats and vulnerabilities. Similar to a physical security monitoring company, they will monitor a plants cyber security. They provide products and services that help users test, certify, and secure their internet-connected devices, ICS and other critical controls, as well as their site operations. Nate points out how Wurldtech’s position as a managed services provider allows them to watch for and protect against a wide range of attacks over a vast geography. With systems deployed around the world, they can gather and disseminate actionable intelligence from across the globe immediately. Wurldtech sensors can provide real-time information to help identify attack strategies being deployed against critical equipment to help operators avoid what could be catastrophic consequences.
Wurldtech’s onsite appliances deliver cyber intrusion protection, cyber access control, as well as accommodate remediation. In addition to protecting against an attack, they can help the plant operator answer essential questions such as; once an event happens, how do you stop it from proliferating? What action do you need to take to fix it? How do you find out where it came from? What information may have been stolen?
Nate explained how Wurldtech’s engineers spend time taking industrial products and systems apart with an eye toward identifying vulnerabilities that could possibly be exploited and then developing mitigation strategies into their offering.
When asked to summarize the architecture of Wurldtech’s solution, Nate described it as a system of devices or appliances that sit between OT networks and the enterprise network and/or between critical equipment and the OT network. A 100-million-dollar turbine generator would have at least one of these appliances sitting between it and the outside world.