ABB和IBM合作加强工业运营网络安全
工控参考
关注工控自动化大事小事
❑注:本文由中华工控网翻译,为保障准确性,附中英对照。
📝
ABB and IBM announced a collaboration focused on connecting cybersecurity and operational technology (OT). As a first result of this collaboration, ABB has developed a new OT Security Event Monitoring Service that combines ABB’s process control system domain expertise with IBM’s security event monitoring portfolio to help improve security for industrial operators.
ABB和IBM宣布了一项专注于连接网络安全和运营技术(OT)的合作。作为合作的第一项成果,ABB开发了一项新的OT安全事件监控服务,该服务将ABB的过程控制系统领域专业知识与IBM的安全事件监控产品组合相结合,以帮助提高工业操作员的安全性。
Industrial control system environments are increasingly targeted in cyber-attacks. In fact, IBM’s latest X-Force Threat Intelligence Index found that attacks on industrial and manufacturing facilities have increased by over 2,000% since 2018.
工业控制系统环境越来越成为网络攻击的目标。事实上,IBM最新的X-Force威胁情报指数发现,自2018年以来,对工业和制造设施的攻击增加了20倍以上。
To better connect OT data with the broader IT security ecosystem, ABB has developed a new offering that allows security events from ABB to be sent to IBM’s security information and event management platform known as QRadar.
为了更好地将OT数据与更广泛的IT安全生态系统联系起来,ABB开发了一个新产品,可以将来自ABB的安全事件发送到IBM的QRadar安全信息和事件管理平台。
The ABB solution was designed according to a reference architecture jointly developed by ABB and IBM. It provides the domain knowledge needed to swiftly react to security incidents related to process control, and is especially suited for complex industrial processes in industries such as oil, gas, chemicals and mining. The new event collection and forwarding software which enables this integration is currently being used by early adopter customers and will be made broadly available by ABB in the coming months.
ABB解决方案根据ABB和IBM联合开发的参考架构而设计。它提供了对与过程控制相关的安全事件迅速做出反应所需的领域知识,尤其适用于石油、天然气、化工和采矿等行业的复杂工业过程。早期采用客户目前正在使用支持这种集成的新事件收集和转发软件,并将在未来几个月内由ABB大范围提供。
This collaboration marks the first time that OT data and process industry domain expertise is being brought directly into a Security Information and Event Monitoring (SIEM) system, allowing threats to be managed as part of an organization’s broader cybersecurity operations and strategy.
此次合作标志着首次将OT数据和流程行业专业知识直接引入安全信息和事件监控(SIEM)系统,从而可以将网络威胁作为整个机构中更广泛的网络安全运营和策略的一部分进行管理。
Disruption of production due to a cyberattack or technical glitches can be costly in terms of lost production and damage to physical assets. Most mature operational monitoring is focused on the performance of the asset, whether it be a gas turbine for electricity, a drive system used to crush ore, or simple monitoring of pollution output from a chemical facility.
网络攻击或技术故障造成的生产中断可能会导致生产损失和实物资产损坏,代价高昂。最成熟的运营监控都集中在资产的性能上,无论是用于发电的燃气轮机,用于破碎矿石的驱动系统,还是对化学设施污染输出的简单监控。
The new ABB offering allows ABB’s process control system data collection and forwarding technology to harvest event log detail from ABB process control systems, and share that information with IBM Security QRadar, which uses automation and artificial intelligence to help identify security anomalies and potential threats.
ABB的新产品使ABB的过程控制系统数据收集和转发技术可以从ABB过程控制系统中收集事件日志详细信息,并与IBM Security QRadar共享这些信息,后者使用自动化和人工智能来帮助识别安全异常和潜在威胁。
The ABB and IBM technologies involved in this solution are designed on open platforms allowing them to operate on the edge and deploy easily across hybrid cloud environments spanning on-premise, private or public clouds. The joint solution is designed so that security processes operate via automation and do not disturb industrial workflows. The security analysis in QRadar operates through a use case library, which automatically flags incidents and triggers corresponding alarms.
该解决方案所涉及的ABB和IBM技术是在开放平台上设计的,使它们可以在边缘端运行,并可以跨本地、私有或公共云的混合云环境中轻松部署。联合解决方案的设计使安全流程可以通过自动化进行操作,并且不会干扰工业工作流程。QRadar中的安全性分析通过一个用例库来运行,该用例库自动标记事件并触发相应的警报。
The two companies plan continued collaboration in the realm of OT security, in order to develop new capabilities and offerings that address customer challenges in this space.
两家公司计划在OT安全领域继续合作,以开发新功能和产品来解决这一领域的客户挑战。
工业互联网融合创新涌现出6大典型模式
日立获美国近8亿美元高速铁路列车控制系统订单
罗克韦尔自动化与微软宣布5年合作扩展计划