Securing Critical Infrastructure: New Partnership Validates Every Machine Connection

As OT environments become increasingly complex, a new integration from Corsha and Dragos aims to bolster security by verifying every machine connection – a critical step in protecting vital infrastructure.

21 days ago

By Carol Moore – AI in Healthcare: Innovation & Implementation

WASHINGTON, D.C. – The convergence of operational technology (OT) and information technology (IT) is creating unprecedented opportunities for efficiency and innovation – but also exponentially expanding the attack surface for critical infrastructure. A new partnership between Corsha, a machine identity provider, and Dragos, a leading OT cybersecurity firm, aims to address this growing threat by validating every machine connection within industrial control systems (ICS). This approach moves beyond perimeter defenses and focuses on securing the often-overlooked ‘invisible layer’ of machine-to-machine (M2M) communication.

For years, OT networks operated in relative isolation, secured by ‘air gaps’ and a reliance on specialized protocols. However, these defenses are increasingly inadequate in the face of sophisticated cyberattacks and the demands of digital transformation. The proliferation of connected devices, the adoption of cloud-based services, and the increasing integration of IT and OT systems are creating new vulnerabilities that attackers are eager to exploit. A security professional stated, “The traditional air gap is no longer a viable defense. We’re seeing increasingly sophisticated attacks that can bypass these barriers and target critical infrastructure.”

The core of the Corsha-Dragos partnership is a seamless integration that combines Corsha’s dynamic machine identity management with Dragos’s comprehensive threat detection and response platform. Corsha’s technology continuously authenticates every machine connecting to the OT network, ensuring that only authorized devices can communicate. This goes beyond static IP address filtering and relies on a dynamic, continuously updated trust model. Dragos then leverages this identity information to enhance its threat detection capabilities, providing deeper context and improving the accuracy of its alerts.

“What we’re seeing is a need to move beyond simply detecting threats to knowing which assets are legitimate and authorized,” explains a cybersecurity analyst familiar with both companies’ technologies. “This integration allows for a more granular level of control and reduces the risk of false positives, which can overwhelm security teams.”

The Invisible Layer: Addressing a Critical Security Gap

The partnership directly tackles a critical security gap: the lack of visibility and control over M2M communication. In many OT environments, a significant portion of network traffic occurs between machines without any human intervention. This ‘invisible layer’ is often poorly monitored and can be exploited by attackers to move laterally within the network and compromise critical systems.

“Traditional security tools are often blind to this type of traffic,” says a security professional specializing in ICS. “They focus on detecting malicious activity initiated by humans, but they struggle to identify anomalous behavior between machines.”

Corsha’s technology addresses this challenge by providing continuous authentication and identity management for every machine on the network. This allows security teams to establish a baseline of ‘normal’ behavior and quickly identify any deviations that could indicate a potential threat. Dragos then leverages this information to improve its threat detection capabilities and provide more accurate alerts.

Zero Trust for Industrial Control Systems

The partnership is also aligned with the growing trend of Zero Trust architecture. Zero Trust is a security model that assumes no user or device is trusted by default, regardless of whether they are inside or outside the network perimeter. Every access request is verified before being granted, and all network traffic is continuously monitored.

The Corsha-Dragos integration effectively applies Zero Trust principles to industrial control systems by verifying the identity of every machine before allowing it to connect to the network. This reduces the attack surface and minimizes the risk of unauthorized access.

“Zero Trust is becoming increasingly important in OT environments,” explains a cybersecurity consultant. “The traditional perimeter-based security model is no longer sufficient. We need to move towards a more granular, identity-based approach.”

Bridging the OT-IT Divide

Perhaps one of the most significant aspects of this partnership is its potential to bridge the historical divide between OT and IT security teams. Historically, these two groups have operated in silos, with different priorities and expertise. However, as OT and IT systems become increasingly integrated, collaboration is essential.

The Corsha-Dragos integration provides a common platform for both teams to collaborate and share information. IT security teams can leverage Dragos’s OT-specific threat intelligence, while OT teams can benefit from Corsha’s expertise in machine identity management. This collaborative approach can significantly improve the overall security posture of critical infrastructure.

“Historically, OT and IT teams haven’t always spoken the same language,” says a cybersecurity executive. “This partnership helps to bridge that gap and foster a more collaborative security culture.”

Looking Ahead

The partnership between Corsha and Dragos represents a significant step forward in securing critical infrastructure. By focusing on machine identity management and applying Zero Trust principles, this integration addresses a critical security gap and helps to protect vital systems from cyberattacks. As the threat landscape continues to evolve, collaboration and innovation will be essential to maintaining the security of critical infrastructure. The future of OT security hinges on adopting proactive measures like these, moving beyond detection to actively validate every connection within the network. This will require not only technological advancements but also a cultural shift towards greater collaboration between IT and OT teams.
