Cynalytica: First Deployment of SerialGuard Cybersecurity Solution for Gas Pipeline Operations
March 1, 2022
Designed for Industrial Control Systems (ICS), SerialGuard is a fully passive serial packet sniffer that enables secure visibility within vulnerable legacy networks. This fail-safe sensor monitors Level 0 and Level 1 serial communications between field devices and controllers. Combined with the Cynalytica AnalytICS Engine Platform, it can also reveal and help alert on traffic anomalies that are indicative of a cyberattack, physical attack or system misconfiguration.
Legacy serial communications make up 30 to 60 percent of all U.S. critical infrastructure. These typically insecure and unmonitored assets have historically been overlooked: most ICS security providers monitor only TCP/IP and Ethernet communications, leaving gas pipeline and other utility operators with a large monitoring blind spot.
“As geo-political cyberthreats to U.S. critical infrastructure escalate and we see the launch of the DHS/CISA Shields Up advisory, we’re happy to see that many commercial infrastructure operators are becoming more aware of the need to protect their legacy infrastructure — something SerialGuard allows them to do safely and securely,” says Richard Robinson, CEO of Cynalytica, Inc.
Cynalytica has been providing cybersecurity solutions to the U.S. Department of Homeland Security (DHS), U.S. Department of Defense (DoD) and U.S. Department of Energy (DOE) for many years. Its SerialGuard sensor enables pipeline operators to meet monitoring and baselining requirements under the DHS directive, “Security Directive Pipeline-2021-02: Pipeline Cybersecurity Mitigation Actions, Contingency Planning and Testing.”
SerialGuard follows closely behind other cybersecurity regulations, including the Pipeline Owner Operator Security Directive and those of the Federal Energy Regulatory Commission (FERC) and the North American Electric Reliability Corporation (NERC), which is working to strengthen critical infrastructure protection reliability standards by requiring internal network security monitoring.