DETECTING CYBER RISKS AND THREATS
DIGITAL MINING
DETECTING CYBER RISKS AND THREATS
16
Nozomi Networks takes a multi-pronged approach to identifying suspicious activity – whether it ’ s accidental or intentional . Through behaviorbased anomaly detection and multiple types of signature and rules-based detection , the solution identifies unauthorised activity such as : remote access , downloads , log file deletions , controller logic changes , configuration changes , edits to PLC projects and more .
All threat detection results are correlated with operational context for detailed insight . For example , the solution checks baselines for network peculiarities such as VPN access and IP ranges assigned to known asset vendors . If activity occurs outside those ranges , an alert is triggered . When suspiciousactivity is identified , the solution sends high-priority alerts to mine security and operations staff , who can then execute the incident response plan to contain or eradicate the threat .
Nozomi Networks ’ Guardian is deployed by four of the top ten global mining companies . Guardian offers industrial strength OT and IoT security and visibility , delivering advanced threat detection capabilities that help proactively identify unauthorised access to OT networks while reducing forensic efforts and response time .
SUMMER / AUTUMN 2020