Utility Company in Western Canada
Enhance security posture for OT
Delivering OT (Nozomi) and SIEM (QRadar) solution for provincial utility provider.
The Challenge
- Gain visibility into known vulnerabilities associated with their Industrial Control System assets.
- Clarify view of the Water/Wastewater assets footprint in the region.
- Develop bi-directional integration between the SIEM (IBM QRadar) and OT Security platform (Nozomi Guardian).
The Solution
- GlassHouse Systems delivered infrastructure, pre and post sales services and on going support.
- IBM QRadar SIEM with Nozomi Guardian appliance and Remote Collectors to pool data, parse in realtime and feed into Qradar.
- Professional Services for implementation, tuning, support and training of QRadar and Guardian.
Benefits
- Visibility of the Industrial Control System network and mapping all assets above Level 1 of the Purdue Model.
- Ability to quickly patch or update the ICS equipment against known vulnerabilities published to the ICS-Cert CVE Advisories.
- Comply with Critical Infrastructures requirements and ramp up new team members quickly as needed.
- Reduce events analysis time and false positives, by integrating the ICS systems into the centralized event management system (SIEM).