Once upon a time, industrial control system (ICS) environments were wholly engineered environments, with deterministic designs optimized around the physical process of the plant, rig, or substation. And while these environments may still seem somewhat dated and passé’ by traditional IT standards, today’s industrial environments are becoming increasingly connected and enabled with high-speed connections, perimeter security, managed switches and more. Even communications technologies like Ethernet find their way increasingly deeper and deeper into the technology stack, replacing serial in significant numbers. In short, these ICS environments have already become quite dependent on networks and networking technology for connectivity and pushing mission critical information to applications for analysis. On the flip side, the same connectivity that has unleashed the power of the ICS can also be a double-edged sword, where weaknesses in design and lack of cyber security can be exploited by cybercriminals. That is, unless companies take an active approach to proactively secure and monitor their most critical systems, setting traps for the would-be attackers.
NexDefense is a US-owned and operated company which empowers industrial control system operators with the real-time data and intelligence needed to improve system and process integrity and combat cybersecurity threats.
The Timeline of Advancement
Since 2012, NexDefense has pioneered industrial cybersecurity, and today they stand as the market leader.
- In 2010, the United States Department of Energy funded a project to develop technology capable of visualizing and monitoring critical infrastructure such as the US Smart Grid, and associated ICS and SCADA systems. In 2011, the project was executed at the Idaho National Labs (INL), which is the nation’s leading center for nuclear energy and critical infrastructure R&D.
- In 2012, NexDefense is founded and in 2013 NexDefense is awarded exclusive license to commercialize “Sophia” visualization, asset discovery, monitoring and detection technology.
- In 2014, NexDefense conducts Sophia beta testing and customer feedback program with 50+ energy, critical infrastructure and defense companies.
- In 2015, Production Testing; first commercial release, and the first sales.
- In 2016, NexDefense hires Jeff Spence is CEO to oversee growth and operations.
- In 2017, NexDefense hires Matt Morris to lead strategy, business development and product management; company executes plan for rapid market and geographical expansion; company releases the next evolution of Sophia to be branded as the NexDefense Integrity™ product suite.
Architects of NexDefense
Jeff Spence, CEO at NexDefense, holds degrees in Electrical Engineering and Physics from the California State University, Chico and brings to NexDefense a wealth of experience in technology business and corporate development and also brings experience across a wide array of technology industries both inside and outside of the ICS market.
Co-Founders and industry luminaries Derek Harp and Michael Assante saw the value of the INL-DOE technology at INL and worked to acquire the rights to Sophia, raise capital for operations and build the NexDefense team.
Since gaining the rights to the original technology, the solution has continuously evolved, and more recently improved at a mind-numbing pace. What you see today is the brainchild of Matt Morris, VP, Strategy & Products. Matt joined NexDefense in early 2017 from Cisco Systems where he founded and led the world’s first managed industrial cybersecurity service. Matt has 20+ years in cyber security, the last decade of which was in industrial cybersecurity. The IntegrityTM product suite, consisting of several components that get flexibly deployed to meet the needs of the customer environment. The IntegrityTM Product Suite consists of:
- IntegrityTM Centralized Monitoring Station provides a single pane of glass for continuous visibility, awareness and monitoring of the enterprise ICS/SCADA environment. CMS has operational dashboards, an enterprise-wide asset database, network diagramming, configurable alerting and notifications, and flexible reporting to effectively manage the entire ICS environment from a single pane of glass.
- IntegrityTM Operations provide continuous network and asset inventory; detection and alerting for events, anomalies and changes; operational network research, forensics, and analysis.
- IntegrityTM Vision provides safe, passive discovery of operations networks and assets; operational network and data flow visualization; operational network performance optimization. Vision is also frequently used to troubleshoot ICS environments, to find system design flaws, misconfigurations, and potential security vulnerabilities.
- IntegrityTM Monitoring Points are responsible for collecting data from various operational networks, or zones/segments within those networks.
Happy Clients Drive Hyper Growth
NexDefense’ customers benefit from improved production and safety, less unplanned downtime, and proactive defense against security related threats. For a real-world example – NexDefense worked with a pharmaceutical company to assist with a problem they were observing with their mixing process used for certain pharmaceuticals. The process, driven by a commonly utilized distributed control system (DCS), worked without issue the vast majority of the time but also witnessed intermittent downtime for reasons not known or understood by the customer. NexDefense Integrity solved the issues by base-lining the production system—defining what normal looks like for the environment and process—and then passively monitored activities to identify baseline deviations that could disrupt the process. Using IntegrityTM, the customer resolved the issue, helping them restore both system and process integrity, and saving millions of dollars in unplanned downtime and product loss.
NexDefense continues to evolve the product suite in innovative ways to help the customers from all segments of ICS achieve their goals of system and process integrity, safety and uptime. The company highly expects continued and rapid growth over the next 12-18 months to support an expanded US customer base as well as a rapidly expanding international presence. NexDefense has already established an international presence throughout the Middle East and Africa and will look to expand into Europe and Asia over the coming months. This movement is not a shift from the US to international markets but, rather the recognition that many of their customers are multinationals and support of their enterprise requires NexDefense to be capable of serving them in multiple markets globally.