Koch Industries Secures Manufacturing Technology with Dragos Platform on AWS

Executive Summary

Koch Industries drives continuous improvement on products that meet customers’ everyday needs, including paper, electronics, textiles, building materials, and ERP solutions specialized by industry. To minimize security risk across their businesses, support a plan for digital transformation, and increase connectivity, Koch adopted the Dragos Platform cybersecurity management solution, both on-premises and, in the case of Guardian Industries, on Amazon Web Services (AWS). With Dragos, Koch now maintains a secure, accurate inventory of assets, has expanded their use of AWS services in their manufacturing environments, and can proactively monitor and detect threats, vulnerabilities, or malicious behavior on their networks.

Increasing Supply Chain Connectivity with a Focus on ICS/OT Cybersecurity

Driven by a safety-first focus, Koch Industries was searching for a secure cloud connectivity solution for their manufacturing environments to help them achieve greater up-time, reduced scrap, and improved throughput. Koch acknowledged that new connections to their factories could increase the risk of exposure to threats for industrial control systems (ICS) and operational technology (OT). They found themselves needing a cybersecurity solution that could provide deep asset visibility, vulnerability management, and accurate threat detection to prevent threats to worker safety, loss of Koch intellectual property, and the widespread impact of a cybersecurity incident.

During their search, Koch wanted to minimize disruption to production or network performance and recognized that achieving increased cybersecurity without disruption would require technology that simplified risk management across complex environments, even with disparate technologies.

kr_quotemark

What's been helpful with Dragos is not just the technology, but the expertise that they bring to the table.”

Gabe Green
Chief Information Security Officer, Koch Industries

Solving Critical Cybersecurity Gaps

As an industry-leading manufacturer, Koch’s equipment uptime is critical to the business’s success. The disruption security threat causes poses a larger concern, with the potential impact being the loss of control that results in a facility health and safety incident or the potential loss of IP and revenue.

To maintain consistent security of their systems, Koch needed a solution that would improve their cybersecurity risk management program for ICS/OT and resolve gaps in threat monitoring, limited network visibility across the OT environment, and the narrow capacity to detect, investigate, and respond to incidents. Koch turned to AWS Partner Dragos to deploy comprehensive, industrial cybersecurity technology and give visibility into their ICS/OT assets, vulnerabilities, threats, and response actions.

Achieving Visibility with Purpose-built OT Security

The Dragos Platform can analyze multiple data sources to provide unmatched visibility of your ICS/OT environment, including protocols, network traffic, data historians, host logs, asset characterizations, and anomalies. With the Dragos Platform on AWS, Koch was able to develop a comprehensive and scalable approach to digital transformation.

Unlike IT-focused solutions repurposed for OT environments, Dragos provides industrial-focused threat intelligence for its customers. This is enabled by threat behavior analytics that provides context-rich notifications for faster response times, reduced alert fatigue, and investigation support to help analysts respond to threats efficiently. This gives board members and staff greater confidence that cybersecurity risk is mitigated as services migrate to the cloud.

The Dragos Platform provides Koch with a comprehensive asset inventory, visibility into their OT network environment, and best-practice playbooks to guide teams as they investigate and respond to threats before a significant compromise. Along with the Dragos Platform, Koch has reduced strain on its internal security resources by leveraging the threat-hunting service: Dragos OT Watch. With it, Koch works alongside the industry-leading ICS analysts at Dragos to triage and investigate high-severity notifications leading to faster discovery of incidents.

Comprehensive asset protection

Dragos on AWS allows Koch to quickly visualize, detect, and respond to ICS/OT cybersecurity threats assess to protect their core business. Through increased security with Dragos on AWS, Koch has seen stronger stakeholder alignment and has confidently deployed solutions into their environments, including Amazon Lookout for Vision, Amazon Lookout for Equipment, Amazon Monitron, AWS Panorama, AWS IoT, and Amazon SageMaker. The Dragos solution also empowers Koch’s adherence to audit and compliance programs, improving visibility across the OT environment and allowing the company to meet compliance obligations faster and more accurately.

Koch can now identify ICS/OT threats, rapidly pinpoint malicious behavior on their ICS/OT networks, provide an in-depth context of alerts, and reduce false positive alerts for complete threat detection. The Dragos Platform on AWS has allowed Koch to develop a comprehensive and scalable approach to digital transformation, giving them confidence that their OT environments will be protected from cyber threats and vulnerabilities.

Koch

About Koch Industries

Based in Wichita, Kansas, Koch Industries is one of the largest private companies in America. Koch continuously works to improve and explore new ways to make life even better. With 120,000 global employees and locations in nearly every U.S. state and 60 countries, Koch companies offer abundant opportunities to improve life’s necessities–food, clothing, water, transportation, and technology.

AWS Services Used

Benefits

  • Secure business transformation by protecting industrial assets
  • Assess and manage industrial cyber risk to protect core business
  • Adhere to audit and compliance programs

About AWS Partner Dragos

Dragos has a global mission: to safeguard civilization from those trying to disrupt the industrial infrastructure we depend on every day. The Dragos Platform offers an effective industrial cybersecurity technology, giving customers visibility into their ICS/OT assets, vulnerabilities, threats, and response actions. The strength behind the Dragos Platform comes from the ability to codify Dragos's industry-leading OT threat intelligence, and insights from the Dragos services team, into the software. The community-focused approach gives you access to the largest array of industrial organizations participating in collective defense, with the broadest visibility available.

Published October 2023