Company. Nesher Israel Cement Enterprises is the largest cement producer in Israel. Owning large-scale production sites in Ramla and Haifa, Nesher produces about 60% of the cement used in the country's construction industry.

Challenge. Deciding to reduce risks and minimize downtime, Nesher’s management has made a strategic decision to invest in a specialized solution for industrial cybersecurity. The company realized that their SCADA network could potentially be subject to cyber threats that compromise the safety and productivity of their plants. So, employees, contractors and integrators very often connect to control devices using a cable or via a USB port. Thus, an attacker who has physical access to the network can connect to the controllers. Changes made to the controller code, firmware, or configuration changes cannot be detected during normal network monitoring. It is also possible that an employee or contractor unknowingly exposes the controller to threats by connecting a programmer with malware. It was necessary to take into account the working conditions of enterprises Nesher Cement. Since cement kilns operate around the clock at 1200 degrees Celsius, safety is the most important operational task of Nesher. Nesher furnaces and other critical facilities are controlled by industrial controllers, which, if compromised by cyber attacks, can lead to a serious explosion and even death. From a business point of view, an unforeseen cybersecurity event in the company's industrial network can completely stop cement production. Such an incident can cause a serious shortage of cement in the construction market of Israel, as well as the loss of millions of dollars in revenue and reputational damage to Nesher.
To avoid these scenarios, Nesher needed full visibility of their integrated network of process control systems in real time, with 24/7 notification of any changes to their controllers. Ease of use and operational support from suppliers was also taken into account when considering various options: the company needed that the operational teams of Nesher and security specialists could examine the system as soon as possible. This would help to avoid hiring new cybersecurity and OT experts and reduce training efforts.

Integration. With these requirements in mind and after a thorough evaluation by a technical team from a number of other vendors, Nesher chose the Indegy Industrial - a cybersecurity hybrid package that can be customized, which includes the Device Integrity solution. The Nesher team was particularly impressed with the comprehensive situational awareness provided by the Indegy solution. Nesher deployed the Indegy solution at its cement plant and power plant — both located in Ramla. During the deployment process, the Indegy team of professionals worked closely with Nesher experts to develop an optimal deployment strategy. “The Indegy team was very flexible and resourceful in solutions, helping us to speed up the introduction of the product into the system.” After just one day of work, I already felt confident with the user interface. ”
Niki Lukutin, Manager of Technology Development Department, Nesher

Results. The unrivaled visibility provided by Device Integrity allows Nesher to maximize network visibility. This is possible thanks to a patented technology that actively requests devices in the industrial Nesher environment, thereby ensuring that process control engineers know about every change in every asset in their network. This component provides unprecedented control over assets of process control, without affecting the speed or reliability of Nesher’s industrial operations. “We maximize the use of Device Integrity, but at the same time our SCADA environment does not experience any additional load”
Roy Shalev, CISO at Nesher. By periodically taking snapshots of the device and comparing them with previous baselines, Device Integrity can detect changes and check if the integrity of the device is not compromised. Also, this Indegy solution has reduced installation costs per switch of the network or node that need to be monitored, ensuring that all routed parts of the network are monitored with a single device. Device Integrity allows Nesher to automatically discover all assets in its extensive industrial network, including inactive devices. Indegy collects and monitors all actions related to devices, creating up-to-date asset accounting in the company's automated process control system, including data stored on the devices themselves: Windows users, fix lists, firmware version and configuration of PLC modules. This detailed view of the state of each device allows Nesher to immediately detect incorrect configurations, identify potential security breaches and eliminate threats.

Light bulb pitch Device Integrity is the optimal solution for the most complete monitoring of all assets within complex SCADA environments.

About company. The Raleigh City Public Services Department is responsible for providing water and sewage. The population of the city is 570,000 people - this includes the city of Raleigh, North Carolina, the United States and the surrounding areas. The work and support of the operation of these services are monitored by the “Technical Applications group”, which is also responsible for the operation and security of the process control network.

Challenge. Aware of the growing cyber threat to critical infrastructure and the need to comply with new rules regarding risk assessment and emergency response, the Roly Department of Public Utilities decided to update its industrial network security solution. In order to provide a safer and more resilient infrastructure, to detect potential threats that could harm water supply and sewage, the Department of Public Utilities required full visibility and control of changes made to the PLC and other key devices in their industrial network. The security team realized that monitoring network traffic provides only half of what is needed to protect the control system network. Accordingly, they were interested in adding an active detection component that could work together with passive network monitoring to provide critical information about the industrial network, which cannot be gathered only by reviewing network traffic. Another key security requirement for the Raleigh city was automatic asset discovery and management. Manual processes that were previously used to manage assets were laborious and error prone, making it difficult to maintain up-to-date and accurate accounting of assets within the network, which is crucial for adequate risk assessment and regulatory compliance.

Integration. The town of Raleigh chose Indegy after a thorough review of the proposals, during which they evaluated several suppliers. “We have chosen Indegy for the unique ability to monitor, proactively detect and warn our employees about any changes made to our industrial management systems that may affect their integrity and proper operation.”
Steve Worley, SCADA Security Manager for Raleigh City. Results Since the complete visibility of devices was a priority for Raleigh PCS engineers, the use of proprietary active detection technology in the Device Integrity solution enabled them to get the most comprehensive picture of the state of their network. Device Integrity detects, classifies and requests all ICS assets and devices, even those that do not interact on the network. At the same time, requests to devices do not affect network operations, without changing or making heavier the work of the systems. Details regarding asset accounting and advanced context for warnings helped to improve the accuracy of warnings and, ultimately, the effectiveness and efficiency of the security team, which was exempted from manual risk management. Indegy Device Integrity provides the Role team with a complete audit log, detailing all engineering activities related to devices. By collecting "who", "what", "when", "where", and "how" data on the network, the audit log allows the security team to quickly identify the problem, the responsible party and, in the event of a problem, facilitate the restoration of the system to its previous state .

Light Bulb Device Integrity is a unique solution for full transparency and accounting of assets within industrial environments.