Cybersecurity risk assessment platform
Global leader of Privileged Access Management.
The industry's only SaaS solution for enterprise DLP.
Cyber security leader protecting application and API.
It has the largest market share of web firewall in Korea. Provides Secure Web Gateway(SWG) and SSL Visibility Solution.
Security solutions of Enterprise/Datacenter/Cloud environment/Network and Endpoint.
Application forgery prevention and API anomaly detection and management, enterprise mobile endpoint and mobile application security
Threat monitoring and detection of managed and unmanaged IoT assets
Skyhigh Security focused on cloud security
DONGHOON Itech provides solution to reduce security inspection costs and deploy a regular security inspection system.
OT is different from IT in terms of vaccine, supporting technology lifetime, service, patch, application, equipment regeneration, emergency content, availability, security awareness, security test/audit, and physical security. You can only utilize it if you take the benefits into consideration and pay attention to security.
1. For vaccines, you should use specialized vaccines for each OT field, not general and broad vaccines used in IT.
Stuxnet, a worm virus that infects only Siemens' Industrial Automation Control System (PCS7) used in power facilities such as power plants, causes malfunctions or paralyzes the system. Stuxnet has infected 30,000 computers related to the Bushehr Nuclear Power Plant in Iran, as well as major social overhead capital facilities (SOCs) in China.
2. In the case of supporting technology lifetime, if technology is supported every 3 to 5 years in the IT field, various technical problems, SW security verification, and long-term research in the OT field must be accompanied. Because of this, it can take quite a long time, and a high level of security is required.
3. In the case of services, services can be used in general and extensively in IT, but in the case of OT, they are specialized for very limited services and the cost increases.
4. For patch application, it can be applied with regular updates in IT, but cannot and should never be applied until SW security verification is completed in OT. Therefore, it is slower to apply than IT, and patches must be applied according to the characteristics.
5. Fifth, in the case of equipment regeneration, a regular inspection can be performed on IT and inspection date can be scheduled, whereas OT is based on old hardware or software developed in the past and still in use, so it should be taken into account that there are many cases that it is not suitable for the recent security environment.
6. In case of emergency content, which is various information flowing through communication networks or broadcasting networks, delays in IT can be tolerated, but OT is fatal for safety.
7.In terms of availability, IT is also highly available, but since OT has to operate 24 hours a day, 365 days a year, its tests and inspections are very exceptionally possible. This is because the machine cannot be basically stopped working.
8. In terms of security awareness, in the case of IT, both the public and the private sector are aware of the importance of security, while those in the OT field generally have insufficient awareness of cyber security.
9. For security testing and auditing, the IT sector is tested and audited on a regular basis, whereas OT cannot stop working, so testing is only possible for a certain period of time.
10.In the case of physical security, OT-based infrastructure is specialized, and although the physical security system is well established, it is relatively exposed to risks due to negligence or carelessness.
Nozomi Networks security solution handled by DONGHOON Itech is positively leading the OT∙IoT security area and is well-received in the same industry for intuitive data visualization, advanced OT∙IoT threat detection technology, and rapid deployment.
In particular, it is controlling more than 2,300 and more than 3.4 million devices in a wide range of industries such as ▲energy ▲manufacturing ▲mining ▲transportation ▲utility ▲smart building ▲smart city. Nozomi Networks’ products cover the fields of IT, OT and IoT, and automate tasks such as asset status identification, data visualization and monitoring of industrial control networks based on artificial intelligence. It can be applied in various directions, such as improving business efficiency, managing assets, predicting maintenance work, etc.