Additional information

Source: Web-site of vendor

The project has been delivered on schedule

The budget has not been exceeded

Functionality complies with task

Description

Company. Nesher Israel Cement Enterprises is the largest cement producer in Israel. Owning large-scale production sites in Ramla and Haifa, Nesher produces about 60% of the cement used in the country's construction industry.

Challenge. Deciding to reduce risks and minimize downtime, Nesher’s management has made a strategic decision to invest in a specialized solution for industrial cybersecurity. The company realized that their SCADA network could potentially be subject to cyber threats that compromise the safety and productivity of their plants. So, employees, contractors and integrators very often connect to control devices using a cable or via a USB port. Thus, an attacker who has physical access to the network can connect to the controllers. Changes made to the controller code, firmware, or configuration changes cannot be detected during normal network monitoring. It is also possible that an employee or contractor unknowingly exposes the controller to threats by connecting a programmer with malware. It was necessary to take into account the working conditions of enterprises Nesher Cement. Since cement kilns operate around the clock at 1200 degrees Celsius, safety is the most important operational task of Nesher. Nesher furnaces and other critical facilities are controlled by industrial controllers, which, if compromised by cyber attacks, can lead to a serious explosion and even death. From a business point of view, an unforeseen cybersecurity event in the company's industrial network can completely stop cement production. Such an incident can cause a serious shortage of cement in the construction market of Israel, as well as the loss of millions of dollars in revenue and reputational damage to Nesher.
To avoid these scenarios, Nesher needed full visibility of their integrated network of process control systems in real time, with 24/7 notification of any changes to their controllers. Ease of use and operational support from suppliers was also taken into account when considering various options: the company needed that the operational teams of Nesher and security specialists could examine the system as soon as possible. This would help to avoid hiring new cybersecurity and OT experts and reduce training efforts.

Integration. With these requirements in mind and after a thorough evaluation by a technical team from a number of other vendors, Nesher chose the Indegy Industrial - a cybersecurity hybrid package that can be customized, which includes the Device Integrity solution. The Nesher team was particularly impressed with the comprehensive situational awareness provided by the Indegy solution. Nesher deployed the Indegy solution at its cement plant and power plant — both located in Ramla. During the deployment process, the Indegy team of professionals worked closely with Nesher experts to develop an optimal deployment strategy. “The Indegy team was very flexible and resourceful in solutions, helping us to speed up the introduction of the product into the system.” After just one day of work, I already felt confident with the user interface. ”
Niki Lukutin, Manager of Technology Development Department, Nesher


Results. The unrivaled visibility provided by Device Integrity allows Nesher to maximize network visibility. This is possible thanks to a patented technology that actively requests devices in the industrial Nesher environment, thereby ensuring that process control engineers know about every change in every asset in their network. This component provides unprecedented control over assets of process control, without affecting the speed or reliability of Nesher’s industrial operations. “We maximize the use of Device Integrity, but at the same time our SCADA environment does not experience any additional load”
Roy Shalev, CISO at Nesher.
By periodically taking snapshots of the device and comparing them with previous baselines, Device Integrity can detect changes and check if the integrity of the device is not compromised. Also, this Indegy solution has reduced installation costs per switch of the network or node that need to be monitored, ensuring that all routed parts of the network are monitored with a single device. Device Integrity allows Nesher to automatically discover all assets in its extensive industrial network, including inactive devices. Indegy collects and monitors all actions related to devices, creating up-to-date asset accounting in the company's automated process control system, including data stored on the devices themselves: Windows users, fix lists, firmware version and configuration of PLC modules. This detailed view of the state of each device allows Nesher to immediately detect incorrect configurations, identify potential security breaches and eliminate threats.

Light bulb pitch Device Integrity is the optimal solution for the most complete monitoring of all assets within complex SCADA environments.

Details

Business tasks

Enhance Staff Productivity

Ensure Security and Business Continuity

Manage Risks

Problems

Unauthorized access to corporate IT systems and data

Total high cost of ownership of IT infrastructure (TCO)

No monitoring of corporate IT processes

IT infrastructure does not meet business tasks

Low employee productivity

Risk of lost access to data and IT systems

Insufficient risk management

No control over implementation

Similar deployments

prev
next