To say that the industrial cybersecurity industry has changed dramatically over the past few years would be a major understatement—not only because the changes have been so significant, but because the evolution is still underway. Just in the past few months we’ve covered alliances between Rockwell Automation and Claroty, third-party investments in PAS, and the growing trend around continuous monitoring as exemplified in NextNine’s latest release.
Now there’s news that Deloitte is expanding its cyber risk services for industrial control systems by incorporating Dragos’ cybersecurity technology (read Automation World coverage of Dragos’ technology). In its announcement of this technology partnership—which includes use of the Dragos platform, Threat Operations Center, and intelligence team—Deloitte said that the resulting combination of cyber risk services and technologies allows organizations “to look beyond internal data to threat documentation found in external databases. Beyond securing ICS and OT systems, this combination of cyber risk services and technologies can provide a more complete picture of an organization’s ICS and OT threat landscape through active monitoring that can better inform scenario planning and response.”
I had a chance to connect with Sean Peasley, partner with Deloitte Risk and Financial Advisory Cyber Risk Services to find out more about Deloitte’s technology partnership with Dragos. He explained that Deloitte “was able to establish this business relationship due in large part to our involvement with an organization called the DataTribe where Dragos is incubating.Since we are DataTribe’s exclusive advising professional services firm, we were able to get early access to Dragos and found their ICS security scanning tools, security monitoring technology platform and threat intel services were clearly differentiated in the market. Given Deloitte’s existing ICS capabilities and scale, we are actively planning expansion of our own cyber risk platform and offering using various facets of Dragos technology, talent, intelligence and market relationships.”
Since Deloitte is not a name frequently associated with industrial control system cybersecurity, I asked Peasley who Deloitte typically interacts with at industrial companies when it comes to its ICS cybersecurity services. He said that Deloitte typically works with “cross-functional stakeholders, given that we view cyber risks as a multi-disciplined paradigm.Information technology and security risks are traditionally the domain of a Chief Information Officer (CIO), Chief Technology Officer (CTO) or Chief Information Security Officer (CISO).However, industrial systems and operational technology risks transcend the traditional security domain and require coordination with different stakeholders such as a Chief Operating Officer (COO), plant managers, engineering and others.”