New Horizons in Cybersecurity with SIGA

01 - Feb 2024

In an era where the landscape of cybersecurity is perpetually evolving, I firmly believe that the pillars of continuous learning and unwavering collaboration are indispensable in maintaining a step ahead of emerging threats. It is with a profound sense of duty and an eagerness to contribute that I announce my new advisory role at SIGA, a vanguard in fortifying Level Zero OT resilience, serving as their Director of North America Sales. This opportunity resonates deeply with my commitment to national security, a commitment that was profoundly shaped by my experience within the Pentagon during the September 11 attacks.

My role at SIGA arrives at a critical juncture in history, echoing recent warnings from the FBI Director about state-sponsored hackers poised to “wreak havoc” on our essential services, including water treatment facilities, electrical grids, and oil & natural gas infrastructures. Such threats not only potentially undermine our way of life but also pose significant risks to personal safety and our collective well-being.

As we navigate these challenging times, I am dedicated to leveraging my expertise and passion to contribute to SIGA’s mission of providing resilience to Operational Technology by ensuring that the most critical assets within critical infrastructure (the pumps, actuators, valves, or generators that facilitate these essential services) are operating as expected. Ensuring the security of our critical infrastructure is not just a priority, but a steadfast commitment to protecting our nation and its citizens. Together, with a shared vision and collaborative effort, we can fortify our defenses and safeguard our future.

SIGA: A New Approach to OT Cybersecurity

SIGA’s innovative approach to cybersecurity caught my attention for its unique focus on Operational Technology (OT) at Level Zero. Unlike traditional cybersecurity approaches, which monitor data packets, SIGA’s SigaGuard system observes out-of-band, raw electrical signals of physical equipment, which cannot be manipulated, spoofed, or hijacked. This approach offers an unprecedented level of security and resilience in critical infrastructure, letting you rely and depend on the information you’re viewing being in fact the “ground truth”. The way that I think of it is by analogy with a smoke detector. Smoke detectors essentially operate on the physical level: they detect the presence of smoke, indicating there is a fire. While lots of effort is put into fire prevention and suppression systems, smoke detectors are required for good reason: to provide an alert when something is amiss. It is the same with SIGA, where we can tap into I/Os to monitor for anomalous activity at the physical level, where the physical manifestations are “not hackable”. I believe that every critical control network should have such an alert system.

Why SIGA’s Work Resonates with Me

  1. Enhanced Cyber Resilience in IT-OT Convergence Across Key Industries: SIGA’s technology is particularly vital in sectors where the convergence of IT and OT networks is most prevalent and critical. These industries include power generation and distribution, water treatment facilities, manufacturing, and transportation systems, among others, as we’ve seen with MGM and Caesars Palace and their casino operations and room occupancy controls. In each of these sectors, the blend of information technology (IT) and operational technology (OT) creates unique cybersecurity challenges. SIGA’s approach ensures robust protection against cyber threats in these interconnected environments. Furthermore, SIGA’s technology aligns well with emerging cyber policies and industry standards that increasingly emphasize the need for enhanced security in critical infrastructure. For instance, policies such as the National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity provide guidelines for managing cybersecurity risk. These frameworks are seeing updates to address the growing complexities of IT-OT integration. Additionally, draft legislation and proposals in various regions, aimed at bolstering cybersecurity in critical infrastructure, are starting to highlight the importance of technologies like SIGA’s. These evolving policies underscore the growing recognition of the unique challenges at the intersection of IT and OT, and the need for specialized solutions like those offered by SIGA.
  2. Deep Process Visibility for System Integrity: The level of detail provided by SIGA’s solutions in monitoring operational processes is nothing short of remarkable. This granular visibility is not just about observing what’s happening; it’s about understanding the intricacies of these processes with pinpoint accuracy. This capability is especially important when it comes to identifying irregularities in critical systems. By doing so, SIGA ensures that any deviations from the norm are quickly identified and addressed, maintaining the highest levels of system integrity.
  3. Innovative Anomaly Detection with AI Precision: SIGA’s use of AI in anomaly detection sets a new standard in the field. The AI-driven approach allows for a more nuanced understanding of potential risks, many of which might go unnoticed by humans or conventional systems. This technology provides focused, accurate, and early warnings of anomalies, enabling proactive measures to be taken before they escalate into major issues. This level of innovation is instrumental in preemptively securing OT environments, marking a significant advancement in cybersecurity practices.

Balancing Roles: Consultant and Advisor

While continuing my work with Hytelligence Solutions, my role with SIGA offers a unique opportunity to delve deeper into OT cybersecurity. This balance allows me to bring a diverse perspective to the table, enriching both my consultancy and my work with SIGA.

A Humble Step Forward

Joining SIGA in this advisory capacity is a step that I approach with both humility and eagerness. In the complex and ever-evolving world of cybersecurity, I believe in the power of simple yet effective solutions. SIGA’s approach, akin to a cyber smoke alarm, exemplifies this philosophy by focusing on direct anomaly detection rather than the more complex and often error-prone methods of monitoring higher levels of network traffic, as outlined in the Purdue Model.

This step is not just about personal growth, but also about contributing to a shift in the industry towards solutions that are both straightforward and powerful. The beauty of SIGA’s approach lies in its simplicity and directness, qualities that are often overlooked in the search for sophisticated solutions. By alerting to anomalies at the foundational level, SIGA is setting a new standard for cybersecurity – one that is as effective as it is elegant.

As I embark on this journey with SIGA, I am reminded of the continuous learning that the field of cybersecurity demands. Each day brings new challenges and opportunities, and I am excited to contribute to and learn from a company that is redefining the norms of cybersecurity with its innovative approach.

Interested in learning more?

If you’re curious about SIGA’s innovative approach to OT cybersecurity or wish to discuss the evolving landscape of digital security, I would be more than happy to connect. Whether you are in the industry or simply share an interest in cybersecurity, let’s open a dialogue to explore how we can contribute to a safer digital future together.
