The National Renewable Energy Laboratory has released the results of its test on the Asimily risk management platform, which is under the second cohort of the Clean Energy Cybersecurity Accelerator, or CECA, program that the lab is pursuing to address cyberattacks on the energy sector.
The Asimily solution identified all assets, enabling consistent and rapid traffic sampling that can help energy infrastructure owners and operators identify risks in their industrial control systems, NREL said.
According to the lab’s report, Asimily uses a hybrid passive sampling methodology with periodic targeted active scans that enhance the networked devices’ visibility without significantly impacting system availability. The increased visibility of the Asimily-linked devices boosted their capabilities in mitigating vulnerability, detecting threats and incident response, the report added.
Back-End Capability Analysis
Nick Blair, technical team lead at NREL, noted that Asimily’s traffic sampling provides a high back-end capability to draw insights into the system environment. “It’s interesting how they are able to build a picture of the environment and highlight risks that might not be obvious to an asset owner,” Blair said.
Shankar Somasundaram, Asimily’s CEO, conveyed the company’s delight in helping secure the energy sector’s operations technology. “This evaluation demonstrates Asimily’s comprehensive capabilities, which are crucial for managing OT assets in the environment,” he said.
NREL assessed the cyber asset surface management tool runZero in another CECA cohort report released in July.