When the lights turn on, the faucets work, and the trains run on time--that's a good day. Dragos exists to safeguard civilization.
Today Crowdstrike and Dragos issued a joint press release to finally announce the partnership we’ve developed over the course of the last year. This partnership allows our customers the benefits of Crowdstrike’s experience within the enterprise network to be combined with the Dragos expertise of the industrial control systems environments. This means the Dragos Threat Operations Center and the Crowdstrike team can jointly respond to large scale attacks that straddle the IT and OT environments in an effective way while giving scale and depth that no other partnership offers today.
The ICS Cyber Kill Chain is illustrative in why the Crowdstrike/Dragos partnership is so powerful. Stage 1 occurs within the traditional corporate or enterprise networks while stage 2 of the attack then pivots into the industrial control environments. This pivot from IT into OT is absolutely taking advantage of the bifurcation of teams, roles, responsibilities, and capabilities. Our announced partnership gives our mutual customers the ability to approach both sides of the problem in an effective fashion. The Dragos TOC is staffed with experienced responders who investigate and respond to threats in ICS environments. We have an incident response service to help teams plan, resource, and provide the expertise needed to respond to industrial security incidents efficiently. This gives teams the flexibly, experience and depth needed when it matters most. Ever critical, the TOC believes in working closely with the onsite teams prior to an incident to engage and educate. We accomplish this through a range of services including site compromise assessments, threat hunting services, training and conducting tabletop exercises.
We’re looking forward to further eroding the IT/OT divide to gain the upper hand against attacks against industrial control systems and processes.