MicroSec Announces the Launch of CyberAssessor for OT/ICS: The World's First AI-Based Cybersecurity Assessment Platform for IEC 62443
SINGAPORE, Sept. 9, 2024 /PRNewswire/ -- MicroSec, a global leader in Operational Technology (OT) and Industrial Control Systems (ICS) cybersecurity, announces the launch of CyberAssessor for OT/ICS, the world's first AI-based automated cybersecurity assessment platform specifically designed for performing IEC 62443 assessments. This platform automates the assessment process and enhances compliance evaluation accuracy across sites and down to the device level, including third-party equipment, hardware, and software. It provides a comprehensive summary through a "single pane" dashboard and generates an automatic report detailing the organization's risk level, compliance score, and recommendations.
After a successful beta trial, MicroSec is now launching CyberAssessor for OT/ICS globally. CyberAssessor for OT/ICS addresses the ISA/IEC 62443 standard, an internationally recognized framework for securing industrial automation and control systems (IACS) and widely adopted across industries such as manufacturing, energy, utilities, and critical infrastructure. The CyberAssessor for OT/ICS helps organizations achieve compliance across multiple sites, individual plants, and at both the infrastructure and device levels by assessing against standards such as IEC 62443 (including parts 2-4, 3-2, 3-3, 4-2), along with other industrial cybersecurity frameworks like ISO 27400, Singapore's TR64, IACS E26/E27, CIS benchmarks, and regional frameworks.
For asset owners and plant managers, two main challenges arise when conducting a cyber risk assessment. The first is how to quickly and accurately assess cyber risks that can scale from individual ICS equipment, regardless of make or model, to the entire site level. The second challenge is how to quantify and resolve areas of non-compliance, and then apply consistent standards across multiple sites and devices.
MicroSec's CyberAssessor for OT/ICS addresses these challenges by offering a non-invasive approach that requires minimal to no integration, simplifying the process of evaluating and complying with IEC 62443. It automatically assesses cyber risks across sites or individual equipment, reducing the need for manual input, minimizing human error, and enhancing visibility by identifying both known and unknown systems and devices through zone mapping.
CyberAssessor conducts cyber risk assessments using automated digital questionnaires, instant network captures, and real-time network traffic visibility. These assessments can be performed at both the site and device levels, from Level 0 to Level 5 of the Purdue Model, as well as across multiple sites. Upon completion of an assessment, asset owners and plant managers receive a compliance score for IEC 62443, which establishes a baseline and is benchmarked against similar organizations in their industry. All identified areas of non-compliance, along with cyber risks, threats, and vulnerabilities, are tracked via compliance dashboards across zones, segments, and multi-sites.
Management also receives a detailed report with the compliance score, risks, and recommendations for achieving compliance. These recommendations are automatically generated based on the specific areas of non-compliance and the end user's security level targets. Since the process is automated, the entire assessment, scoring, and reporting can be completed in hours, rather than the days or weeks typically required by traditional assessments.
Additionally, to ensure business continuity and incident response planning, MicroSec's CyberAssessor overcomes knowledge loss from staff turnover, outdated device information, and limited cybersecurity expertise. It does this by storing information, maintaining assessment histories, and tracking performance, all of which are managed within the platform.
Dr. Vishram Mishra, CEO of MicroSec, commented on this remarkable achievement: "This innovative solution marks a significant milestone in our mission to safeguard critical infrastructure and industrial systems. By offering a comprehensive and automated approach to compliance with this essential standard, we are empowering organizations to strengthen their security posture and defend against the evolving cyber threats targeting OT and IoT environments. Our commitment to excellence in cybersecurity continues to distinguish us as a global leader in the field."
CyberAssessor is part of the broader MicroSec MicroIDS platform, which enables continuous assessment and monitoring of new threats and vulnerabilities. When a threat or vulnerability is detected, it is isolated, triggering an immediate response that can be automated or customized based on user preferences. MicroIDS is the only platform today that combines cyber risk assessments with real-time threat and vulnerability detection, isolation, and response for OT/ICS environments, whether for multi-site operations or individual equipment.
CyberAssessor for OT/ICS marks a significant advancement in industrial cybersecurity for critical infrastructure, utilities, energy, and manufacturing. It leverages the company's deep expertise in asset detection, threat management, standards compliance, and AI. The platform bridges the gap between regulatory compliance and threat detection and response, while also safeguarding against future threats.
MicroSec is actively collaborating with global and regional partners, including certification bodies, consultants, and solution providers, to build a strategic OT cybersecurity ecosystem. The company aims to drive innovation, achieve standardization, and ensure compliance across the industry. Those interested in partnering, learning more about the solutions, or exploring potential opportunities are encouraged to visit www.microsec.io or contact the media relations team at [email protected] for further discussions.
Share this article