Using Bitsight Cybersecurity Data Feeds to Protect Critical Infrastructure

Written by Tim Jackson
Head of Product, Cybersecurity Data Solutions

While most security teams now have systematic processes in place for identifying vulnerabilities and responding to targeted threats, large-scale security incidents that affect many organizations globally are an increasingly common occurrence. The CrowdStrike outage in July, while not specifically a security incident, demonstrated how targeted breaches or failures in our security infrastructure can have a ripple effect across entire industries and disrupt critical aspects of everyday life.

When these incidents occur, Bitsight is an invaluable resource for security teams that need to assess exposure and create an effective response plan quickly. However, there are some categories of organizations that must analyze risk on a much larger scale both before and during major incidents, such as:

  • Product vendors that need to assist their customers with security on both a proactive and reactive basis
  • Government agencies charged with protecting critical infrastructure
  • Industry regulators focused on elevating security practices across entire geographies or industries
  • Insurers that must understand and manage risk across their policy portfolio

We introduced Cybersecurity Data Feeds last year to address the needs of organizations operating at this scale. In this post, we’ll share some exciting new additions that we’ve made to this offering and showcase some of the innovative ways customers use the Bitsight technology to assess and manage risk at scale, including a partnership example with Schneider Electric.

  • Cybersecurity Data Feeds enable advanced uses of Bitsight data when flexibility, speed, and scalability are paramount
  • The data categories available as part of this offering have now expanded to include operational technology (OT) exposure and open port details
  • Numerous other advanced uses of Cybersecurity Data Feeds have also emerged across both the public and private sectors

 

Cybersecurity Data Feeds in brief

We introduced our Cybersecurity Data Feeds offering in 2023 to address the needs of customers with ambitious plans to use large subsets of Bitsight’s data to transform their risk assessment and mitigation workflows. The solution gives customers bulk access to subsets of Bitsight data, with the flexibility to select from categories such as:

  • Vulnerability data
  • Ratings and risk vector grades
  • Breaches
  • Compromised systems
  • Fourth-party product data

The data feeds, including up to 5 years of historical data if desired, are delivered to a shared Amazon S3 bucket, from which the customer can import them to the data lake of their choosing for maximum analytics and integration flexibility. Each feed is then refreshed at a customizable interval, which can be as frequent as daily.

Newly Enhanced OT exposure and open port feeds

Today, we’re pleased to introduce two new data options to our Cybersecurity Data Feeds offering:

  • OT exposure data
  • Open port details

Protecting critical infrastructure through OT exposure insights

OT risks are an area of critical importance, as these systems power many types of critical infrastructure globally. A security incident affecting OT can often have catastrophic consequences. At the same time, OT assets are often highly specialized and difficult for IT-centric security tools and personnel to secure proactively.

Research we shared on this topic last year highlights the scale of these risks. We looked closely at industrial control systems (ICS), the subset of OT that monitors and controls many types of physical machinery – from traffic lights and building management and safety systems to large-scale manufacturing and utilities operations. At the time of our research, we found over 100,000 ICS assets spread across 96 countries that were accessible from the internet. This makes them an easy target for threat actors targeting critical infrastructure such as municipal water delivery systems, electrical power grids, and major manufacturing facilities.

Drawing from this research and input from customers in the OT/ICS space, we’ve made numerous improvements to Bitsight’s ability to identify these types of assets, map them to entities, and identify potential security weaknesses. This now includes the addition of the following widely used OT protocols to our Cybersecurity Data Feeds offering:

  • BACnet
  • Modbus
  • Niagara Fox
  • EtherNet/IP
  • DNP3
  • KNX
  • S7COMM
  • Lantronix

The OT exposure data feed also includes additional metadata and asset attribution details that help customers use this information effectively.

Interested parties such as OT product vendors, government agencies, and industry regulators can now harness OT exposure information at scale to identify and mitigate critical infrastructure threats proactively.

Adding open port details as a new data feed option

In addition to OT exposure data, we’ve also added open port details to the general risk data option set for Cybersecurity Data Feeds.

This includes details such as:

  • Bitsight severity
  • Observed product, service, or web server
  • Server software version
  • Transmission protocol
  • Common Platform Enumeration (CPE)
  • Associated Common Vulnerabilities and Exposures (CVEs)
  • Entity attribution with company metadata

The addition of open port information gives organizations using Cybersecurity Data Feeds another valuable data point to assess and act on potential risks at scale.

How Schneider Electric uses OT exposure data from Bitsight

Schneider Electric is a global leader in industrial automation and energy management systems. Their products are used to operate critical infrastructure across a wide range of industries, powering essential services that people and businesses globally rely on every day.

Given the high-stakes role that the company’s products play, Schneider Electric makes a substantial ongoing investment in product security. However, building products that are secure by design and regularly updated with security improvements does not eliminate the risk that organizations using the operational technology products might configure and deploy them in ways that leave them vulnerable to attack.

Schneider Electric is taking proactive steps to help their customers identify and mitigate risks in individual implementations of the company’s products. Through a partnership and their expertise in operational technology, Schneider Electric provided critical insights to Bitsight’s Internet scanning technology development. This enhanced Bitsight’s Cybersecurity Data Feeds solution, which now includes detailed OT exposure insights tailored to optimize exposure remediation.

Since the beginning of our partnership, Schneider Electric has been leveraging a continuous stream of exposure data on their products found to be exposed on the public internet. With this data, Schneider Electric can conduct proactive outreach to customers, educate them about possible risks in their implementation, and collaborate on remediation measures. And it doesn’t stop here: by taking this data-driven approach as an industry pioneer, Schneider Electric advances the best practices on how manufacturers and the broad community can further tackle ICS security. Learn more about this partnership from the latest ICS Lab publication.

Innovative workflows beyond OT

Schneider Electric’s partnership and use of OT exposure data from Bitsight to promote secure product usage is just one example of how leading-edge organizations incorporate Bitsight data into their security workflows. This approach enables them to take proactive actions, make informed decisions based on real-world risk analytics, and communicate effectively to their community and ecosystem to foster collaboration for a more secure network.

Some additional examples of how Bitsight customers are using Cybersecurity Data Feeds in innovative ways include:

  • Government agencies assessing and proactively mitigating risks to critical assets and public-facing infrastructure
  • Insurers and reinsurers using risk insights to make time-sensitive underwriting decisions and continually assess risk exposure across their policy portfolio
  • Industry regulators using real-world risk observations to validate self-assessments by regulated entities
  • Security operations teams using asset attribution and risk assessment insights to govern networks and application access decisions
  • SaaS providers using data feeds to enrich the security and risk information provided to product users

Learn more about Cybersecurity Data Feeds

Cybersecurity Data Feeds, including our newly added OT exposure and open port data options, are available now to organizations with large-scale risk assessment needs. Contact us to learn more about options, pricing, and implementation details.