solar

Utility-backed energy investment and innovation firm Energy Impact Partners (EIP) has invested in cybersecurity company Attivo Networks.

EIP has become a strategic investor in Attivo Networks to help the company to expand its portfolio of energy sector-specific deception technology and increase its go-to-market activities to broaden its customer base of utility companies around the world.

The investment comes at a time cybersecurity continues to be a top priority for the energy sector given the potential economic and human safety impact of an outage to critical infrastructure. 

The rapid digitisation of the energy industry has brought many operational benefits but has also increased the potential attack surface and the need for enhanced visibility and detection of cybersecurity threats.

Sameer Reddy, Partner at EIP, said: “Attivo Networks’ deception platform provides operators with a high-fidelity detection layer to better secure enterprises and industrial control systems of all sizes.”

Tushar Kothari, CEO of Attivo Networks, added: “Operational technology environments present their own unique set of challenges associated with securing devices, which often cannot run anti-virus software, be patched, or are simply not designed to be interconnected.

“Deception technology provides early detection and misdirection of in-network threat actors attempting to tamper with operational technology environments. Attackers will unknowingly attempt to compromise a decoy asset, providing the highest caliber alert backed by the adversary intelligence required to quickly isolate and remove the threat.”

Attivo Networks provides deception technology based on decoys and lures, which are designed to efficiently detect and misdirect in-network attacks. The decoys seamlessly deploy in operational technology environments and appear identical to industrial control systems (ICS) and supervisory control and data acquisition systems (SCADA). With one mistaken touch, the attacker reveals their presence and arms security teams with ultra-high-fidelity alerts. Once an alert is raised, the solution’s built in attack analysis engine automates the process of gathering threat intelligence, correlating attack data, and responding to an alert. This reduces the investigation and response time from hours to minutes.