Symantec Corp has introduced Industrial Control System Protection (ICSP) Neural, the industry’s first neural network-integrated USB scanning station that helps organisations protect critical infrastructure by preventing the physical consequences of cyber attacks on operational technology (OT). Symantec ICSP Neural utilises artificial intelligence (AI) to prevent known and unknown attacks on IoT and OT environments by detecting and providing protection against malware on USB devices. ICSP Neural stations scan, detect USB-borne malware, and sanitise the devices. Existing ICSP deployments have shown that up to 50 per cent of scanned USB devices are infected with malware.
“USB devices are given away at events, shared between co-workers, and reused again and again for business and personal use, introducing the risk of accidental or malicious infection. The impact of connecting an infected device to a critical system can be devastating. Behind the scenes, ICSP Neural will retrofit existing infrastructure with a central nervous system to provide protection for critical infrastructure. On the front end, a rugged aluminum design embodies a simple, intuitive user experience that clearly highlights potential threats,” said Patrick Gardner, Senior Vice President – Advanced Threat Protection and Email Security, Symantec.
Simplifying the scanning process is critical to overall security hygiene, as operational technology environments are often in remote areas or field operations, far removed from an organization’s IT teams. As such, the ICSP Neural scanning process is simple, requiring no specific security or IT training. Once connected, ICSP Neural emits visualisations and real-time signals through the LED light ring that indicate when malware has been detected and sanitised.
The Symantec-designed neural engine harnesses the power of Symantec’s threat intelligence network to increase detection efficacy by up to 15 per cent. It also detects adversarial machine learning attempts and initiates self-learning to provide protection against unknown threats. The AI-powered technology can learn in real-time, leading to sustained efficacy with limited internet connectivity – up to twice as long. These artificial intelligence and organic self-adaption capabilities can protect organisations against emerging and future attacks. The neural engine enables high-intensity detection with near-zero false positives (as low as one hundredth of a percent). These capabilities are accomplished using just a tenth of the bandwidth of other similar solutions – an indispensable feature for systems using VSAT connections.
ICSP Neural supports a full range of OT and IoT devices and systems. The optional enforcement process prevents use of unscanned USBs with less than a 5MB installation footprint and can be deployed on operating systems from Windows XP to Windows 10 (Linux support is planned in 2019).
As part of the Integrated Cyber Defense strategy, ICSP Neural complements the latest version of Symantec’s Critical System Protection (CSP) software; a flexible and compact behavioral security engine built with application whitelisting, infused with anti-exploits for managed or standalone devices. CSP 8.0 provides a no-internet, policy-based approach to endpoint security, securing devices from known and unknown zero-day exploits and attacks, even on legacy operating systems.