FireEye Inc. announced Wednesday availability of FireEye Cyber Physical Threat Intelligence. The new subscription provides context, data and actionable analysis on threats to cyber physical systems, including operational technology (OT), industrial control systems (ICS), Internet of Things (IoT) and other equipment used to manage interconnected physical processes.
The subscription delivers in-depth analysis on cyber physical-focused malware and malicious tactics, techniques and procedures (TTPs), threat actors, threat activity, vulnerabilities and strategic insights.
This reporting is derived from frontline findings of threat intelligence experts and FireEye Mandiant engagements, as well as deployed FireEye technology and an extensive global network of FireEye sensors.
Over the past 15 years of responding to and analyzing many of the world’s most high-profile attacks, FireEye has observed a consistent pattern across almost all OT security incidents – the significant overlap across TTPs utilized by threat actors targeting both IT and OT networks. Expertise in responding to thousands of intrusions and a unique understanding of the full attack lifecycle have shaped the FireEye philosophy that visibility into network traffic and endpoint behaviors is as critical in preventing pivots to key assets in the OT network as in IT security. By drawing parallels between these intrusion methods, detection opportunities can be identified earlier.
FireEye offers organizations an end-to-end solution for ICS and OT, inclusive of threat intelligence, consulting and Managed Detection and Response (MDR) services. This combination of in-depth insight into ICS threats, custom risk ratings with actionable recommendations, and continuous threat detection, asset modeling, and direct collaboration with FireEye OT security experts during high priority incidents presents a powerful way to identify areas of concern and accelerate response.
“While the intersection of the virtual and physical worlds has led to revolutionary connectivity and instrumentation, these benefits also introduce new and complex risks,” said Sandra Joyce, SVP of Global Intelligence at FireEye. “For organizations tasked with maintaining the security and continuity of these systems, FireEye Cyber Physical Threat Intelligence provides an early warning on critical vulnerabilities, and actionable intelligence on the adversaries targeting them.”