http://m.casecurityhq.com 2020-10-21 16:59 Translated by 《中華工控網》
ABB and IBM to bolster cybersecurity for industrial operations
ABB and IBM announced a collaboration focused on connecting cybersecurity and operational technology (OT). As a first result of this collaboration, ABB has developed a new OT Security Event Monitoring Service that combines ABB’s process control system domain expertise with IBM’s security event monitoring portfolio to help improve security for industrial operators.
Industrial control system environments are increasingly targeted in cyber-attacks. In fact, IBM’s latest X-Force Threat Intelligence Index found that attacks on industrial and manufacturing facilities have increased by over 2,000% since 2018.
To better connect OT data with the broader IT security ecosystem, ABB has developed a new offering that allows security events from ABB to be sent to IBM’s security information and event management platform known as QRadar.
The ABB solution was designed according to a reference architecture jointly developed by ABB and IBM. It provides the domain knowledge needed to swiftly react to security incidents related to process control, and is especially suited for complex industrial processes in industries such as oil, gas, chemicals and mining. The new event collection and forwarding software that enables this integration is currently being used by early adopter customers and will be made broadly available by ABB in the coming months.
This collaboration marks the first time that OT data and process industry domain expertise are being brought directly into a Security Information and Event Monitoring (SIEM) system, allowing threats to be managed as part of an organization’s broader cybersecurity operations and strategy.
Disruption of production due to a cyberattack or technical glitches can be costly in terms of lost production and damage to physical assets. Most mature operational monitoring is focused on the performance of the asset, whether it be a gas turbine for electricity, a drive system used to crush ore, or simple monitoring of pollution output from a chemical facility.
The new ABB offering allows ABB’s process control system data collection and forwarding technology to harvest event log detail from ABB process control systems, and share that information with IBM Security QRadar, which uses automation and artificial intelligence to help identify security anomalies and potential threats.
The ABB and IBM technologies involved in this solution are designed on open platforms, allowing them to operate on the edge and deploy easily across hybrid cloud environments spanning on-premises, private or public clouds. The joint solution is designed so that security processes operate via automation and do not disturb industrial workflows. The security analysis in QRadar operates through a use case library, which automatically flags incidents and triggers corresponding alarms.
The two companies plan continued collaboration in the realm of OT security, in order to develop new capabilities and offerings that address customer challenges in this space.