Cross Domain Security for Critical Infrastructure
- Feb 15, 2022 10:54 pm GMT
Cybersecurity has always been a key concern in the critical infrastructure sector. But in 2021, security is taking on even greater importance, due to the convergence of two factors: the growing need to share operational technology data, and the growing risk of attack by sophisticated threat actors.
To help critical infrastructure organizations meet these challenges, Owl Cyber Defense is introducing a new class of cybersecurity technology: a cross domain solution for critical infrastructure.
What’s a cross domain solution?
A cross domain solution (CDS) is the strongest, most capable security technology available–much more secure and powerful than industrial firewalls or other software-based solutions. A CDS is an integrated solution consisting of a secure operating system and software running on a secure hardware platform. Cross domain solutions are widely used by military commands and intelligence organizations to control the flow of data between networks or devices in different security domains.
Unlike software-based firewalls, cross domain solutions provide hardware enforced security (using data diode technology) to ensure that data can flow only in the intended direction. Cross domain solutions also provide advanced data filtering and validation capabilities to enforce security policies and neutralize malicious data.
Until now, the use of cross domain solutions has been limited to military and intelligence operations–in fact, the solutions used by the U.S. government cannot be exported or sold commercially. But to meet the evolving needs of critical infrastructure organizations, Owl has developed a commercially available cross domain solution that provides the same level of control and assurance as a government-only solution.
IXD—Industrial Cross Domain Solution
Owl’s new industrial cross domain solution, IXD, takes security to the next level for energy providers, oil and gas companies, transmission and distribution organizations, and other critical infrastructure organizations. IXD provides multiple, simultaneous, one-way or bidirectional data transfers between trusted and untrusted networks, systems, and devices, with support for a wide range of protocols and data types.
Owl developed IXD in response to requests from customers who required a combination of high performance and advanced security capabilities that were not previously available outside the military and intelligence sectors. And IXD is on the job today–a leading U.S. energy provider recently deployed Owl’s IXD solution to provide assured simultaneous transfers of FTP/SFTP, HTTPS, and PI System historian data flows as part of a large-scale cybersecurity enhancement to improve their NERC CIP security posture.