Critical Infrastructure Security , Governance & Risk Management , Operational Technology (OT)
Opswat CEO on the Malware Crippling Critical InfrastructureBenny Czarny on How FileScan.IO Brings Malware Analysis to Critical Infrastructure
Malware analysis and sandboxing solutions traditionally have been bound to operating systems and file types, but file types in the critical infrastructure world are different.
See Also: OT/IoT Security Report - A Deep Look Into the ICS Threat Landscape
Critical infrastructure cannot rely on standard malware analysis tools given the unique operating systems used in operational technology. But organizations still want to understand who's targeting them, says Opswat founder and CEO Benny Czarny.
That's why Opswat purchased malware analysis startup FileScan.IO in October to give customers more visibility into what adversaries know and what damage they've inflicted.
"In operating systems, APIs are common," Czarny says. "So FileScan.IO took advantage of that, mapped all the APIs of operating systems and document files, and enables us to simply emulate what will happen if you run this specific application, this specific executable, or this specific document on this specific operating system. It then provides a pretty good analysis of whether it's going to be malicious or not."
In a video interview with Information Security Media Group, Czarny also discusses:
- Why Opswat has brought asset discovery and inventory management to OT;
- How Opswat has simplified the process of monitoring OT environments;
- The biggest market opportunities for critical infrastructure defense in 2023.
Czarny founded Opswat with a personal investment to offer a unique, market-driven approach to security application design and development. He has more than 20 years of experience in successfully identifying market needs and building, marketing and selling innovative, cloud-based security products and solutions. From the early days of computer viruses, Czarny was interested and involved in the fields of encryption, network operations, and security vulnerabilities detection and research. Prior to founding Opswat, he held technical leadership positions at NetManage, Netect and BindView.