ICS/OT cybersecurity vendor Dragos has signed a deal with the US Department of Energy (DoE). The deal gives DOE’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER) access to Dragos’ Neighborhood Keeper. It means DOE analysts will have greater visibility into ICS/OT threats facing the infrastructure community.
Robert M Lee, Chief Executive Officer and Co-Founder, Dragos Inc, said, “In 2018, the DOE’s CESER award supported the development of Neighborhood Keeper as a novel way to make ICS threat analytics and data more accessible to infrastructure providers serving our local communities.
“Seeing Neighborhood Keeper grow to serve organizations across the range of critical infrastructure sectors is a testament to what public agencies and industrial communities can achieve together to enhance national security while respecting and protecting data integrity and identity.
“Having DOE come full circle to join as a Neighborhood Keeper Trusted Advisor—just as NSA and CISA did recently as well — shows the government’s commitment to collaborate by using technologies the industry has already voluntarily adopted.”
What is Neighborhood Keeper?
Neighborhood Keeper is a community initiative to pool threat intelligence at machine speed. Pooling the threat intelligence improves the defensive capability of all participants. It also allows participants to share their responses to threats as they are detected. This collective defence posture makes it harder for attackers to isolate one target.
The data is anonymous and available to everyone. As such, it doesn’t pose any competition threats from a regulatory perspective. Instead, it strengthens regulatory requirements for better security through the sharing of data.
Neighborhood Keeper sits on top of the Dragos Platform and is an opt-in capability. That means that anyone benefitting from Neighborhood Keeper needs to be a Dragos customer. The benefits for Dragos are apparent. Collective protection means increased sales of its products.
The role of the DOE is interesting. According to the release, “DOE analysts will be able to view anonymized, aggregate information about threat analytics, indicators of compromise (IOCs), and the prevalence of vulnerabilities and asset types across Neighborhood Keeper participants. This enables analysts to not only understand what threats could be impacting the industrial community but also understand the possible exposure to existing and emerging supply chain risks.”
Interestingly, it has taken the DOE until now to join Neighborhood Keeper. As Lee says, the DOE CESER award supported the development of Neighborhood Keeper. It seems strange, therefore, that it didn’t join sooner. Perhaps the fact that Dragos has also signed up the NSA and CISA has tipped the DOE’s hand.
Enterprise Times: What does this mean?
We are seeing an increasing number of industry-specific sharing initiatives around cybersecurity. All of these are taking place with the agreement of regulators as they offer anonymised data that doesn’t threaten competition. Importantly, it would be difficult for large, let alone small and medium players, to protect themselves without that level of sharing.
It will be interesting to see if this helps drive Dragos sales in the sector. The US power generating landscape is a mix of a few large players and many smaller regional ones. The latter are particularly at risk from attack. Given the interconnected nature of the US power grid, attacks against smaller players have a larger impact. Can Dragos reduce that likelihood of an attack? It is certainly worth trying.