ABB and IBM Partner on Latest Technology for Security Monitoring in Industrial Operations
October 21, 2020 by Alessandro Mascellino
The companies jointly announced last week the release of a new operational technology (OT) Security Event Monitoring Service.
The new solution connects OT data with the broader IT security environment to increase the security of systems across the entire production line.
Secure Technologies for the Automation Industry
The new partnership combines ABB’s process control system domain expertise with IBM’s security event monitoring solutions. The result is a series of products designed to counter the increasing number of cyber-attacks in the automation industry.
The two companies' logos. Image courtesy of ABB.
The new OT Security Event Monitoring Service, for example, was co-developed by the two companies to streamline the transfer of security event data from ABB to QRadar, IBM’s Security Information and Event Monitoring (SIEM) platform.
According to the firms, this would be the first time OT data and process industry domain expertise is being brought directly into a SIEM system. The move will allow IBM to manage threats to ABB’s industrial systems directly within their own infrastructures, thus optimizing the speed of reaction and effectiveness of countermeasures.
Identifying Potential Threats
IBM QRadar is a security analytics tool developed to identify threats and reduce the total alert volume. The suite enables visibility into enterprise data on both on-premises and cloud-based environments, detecting known and unknown threats and prioritizing potential incidents.
QRadar’s machine learning capabilities mean the closed-loop feedback continuously improves detection, using the time saved from automated security intelligence to find threats and automate containment processes.
A screenshot from QRadar. Image courtesy of IBM.
The ABB and IBM technologies beyond QRadar are designed on open platforms to be deployed across hybrid cloud environments on private, on-premises, or public clouds. The solution is also designed so that all security processes are automated and do not hinder the execution of on-site industrial tasks.
QRadar's security analysis feature aims to speed up threat detection by operating through a unique use case library. This library automatically detects and flags incidents and activates alarms.
Developed for Industrial Automation
The combination of ABB’s SIEM and IBM’s QRadar provides domain knowledge for system engineers to react to security incidents, especially those related to process control. The solution is suited for industrial processes and is intended for applications in oil, gas, chemicals, and mining.
“We see the integration of these solutions as bringing market-leading capabilities together for a singular view of OT security,” commented Dr. Andreas Kühmichel, CTO, Chemicals, Petroleum & Industrial Products at IBM. ABB and IBM said the new system is currently being used by early adopters and will be made widely available by ABB in the next few months to further enhance industrial automation security.
“With more comprehensive OT and IT security visibility, clients can help reduce the risk of production being suddenly interrupted due to a security event, resulting in costly downtime and broader risk to the company,” Kühmichel added.
The two companies confirmed they would continue collaborating on OT security to develop new capabilities and opportunities that address customer challenges in the automation industry.