APRIL 2, 2017 BY SHARON UDASIN
Industrial facilities around the globe have become increasingly vulnerable to cyber attacks.
In a move aimed at providing maximal protection to the world’s power plants and manufacturers, an Israeli pioneer in industrial network security is teaming up with global partners to offer unprecedented cyber insurance for critical infrastructure.
Industrial facilities around the globe have become increasingly vulnerable to cyber attacks, leading insurers to shy away from the inherent risk associated with offering policies that cover such threats. Changing that reality, global insurance giants CNA Hardy and THB have joined hands with the Rosh Ha’ayin- based Waterfall Security Solutions to offer a new form of industrial cyber insurance, to be used in conjunction with the Israeli company’s proprietary Unidirectional Security Gateway system.
“It’s a huge vote of confidence. These huge companies are doing something new, something really big from their side, based on our technology,” Lior Frenkel, CEO and co-founder of Waterfall, told The Jerusalem Post on Thursday.
Founded in 2007, Waterfall has been selling its network security system across the globe for years, with its biggest market in North America – serving large companies like Noble Energy and the Detroit Water and Sewerage Department, as well as many power plants and oil and gas facilities. In Israel, Waterfall also protects the vast majority of the country’s critical infrastructure, Frenkel said.
The Unidirectional Security Gateway aims to provide a service that traditional firewalls cannot.
Within the computer networking world, there is a distinction between networks that are used to manage information and those that operate machinery, also known as an industrial network, Frenkel explained.
“The distinction is because of the purpose – when you manage information, the asset that you manage is virtual. You can make copies of it, you can move it, you can do almost anything with it,” he said. “The main thing you want to control is that the asset won’t be copied or manipulated.”
Information networks can have backup sites in their disaster recovery plans, with information capable of moving in real time to different computers if such an emergency occurs, Frenkel continued.
On industrial networks, however, the situation is quite different. For example, a network disruption at a pharmaceutical plant could significantly impact drug production, he explained.
“If the machinery there is broken, you can’t restore it from a backup,” Frenkel said. “You don’t have the fallback that IT [information technology] has. You can’t rely on the fact that you can move your asset at the speed of light with no cost, to the other side of the world.”
Information technology networks typically rely on firewalls, which connect to a network and try to filter out bad elements – but they do not always succeed entirely, Frenkel explained.
When both sides of a network are information technology, and the users can copy and back up their data, firewalls are often sufficient forms of security, he said. Yet the same is far from true on industrial networks.
“When one side is a power plant turbine and the other side is the Internet, firewalls just don’t pull through,” Frenkel said.
By developing the Unidirectional Security Gateway, Waterfall aimed to solve that problem – securing the physical, operational technology from being attacked from the outside. The gateway has specially built hardware and software that enables data to flow physically in one direction only, like a waterfall, outbound from the control network to the physical site, according to Frenkel.
“It’s physically impossible to go backwards,” he said.
The company headquarters never needs such backward communication, because at industrial sites there are always employees controlling the machines on the ground, Frenkel explained.
“Nobody sits in Houston and plays with a turbine in the Gulf Stream,” he said.
Owners of such critical infrastructure are typically eager to buy as much insurance on their assets as possible, and have been increasingly demanding policies on the cyber elements of their facilities. Yet insurance companies were struggling to find a way to provide such packages, because the risks of attack are so high, Frenkel said.
By demanding that industrial businesses use Waterfall’s technology, however, CNA Hardy and THB found that they could provide such cyber insurance, he explained. The risk became something the companies could now calculate, and thereby they could provide coverage for such infrastructure against physical damages, loss of production and extortion attacks.
In order for an industrial business to acquire such cyber insurance, the client must also purchase the Waterfall system.
As such, the Israeli Waterfall firm is opening up an entirely new global market to which insurers can sell their products, Frenkel said.
“We are an Israeli company,” he added. “Everything at this magnitude, with this level of global partners, is an amazing step forward.”