• United States



UK Editor

Nozomi Networks announces Vantage IQ to address security gaps in critical infrastructure

May 16, 20233 mins
Critical InfrastructureThreat and Vulnerability Management

Vantage IQ is built to enhance threat detection and remediation with AI-assisted data analysis to help security teams reduce cyber risks across IT, OT, and IoT devices.

Palo Alto Networks
Credit: Shutterstock

Nozomi Networks has announced the upcoming release of Vantage IQ, a new AI-based analysis and response engine designed to address security gaps and resource limitations in critical operational infrastructure. The new offering will be available from Q3 2023 as an add-on to Vantage, Nozomi Networks’ SaaS-based security management platform. It is built to enhance threat detection and remediation with AI-assisted data analysis to help security teams reduce cyber risk and response times, the firm said.

Critical infrastructure is a prime target for cyberattacks, particularly during periods of geopolitical tensions with state-backed actors posing significant threats. Securing national critical infrastructure (CNI) and improving its cyber resilience is therefore high on the agenda for organizations, governments, and industry collectives.

Vantage IQ centers on autonomous analytics, intelligence across IT, OT, IoT devices

Vantage IQ focus on security analytics and automation, giving users the ability to understand what’s happening across a network of IT, OT, and IoT devices, extract process intelligence and priority tasks expanding networks and data sources, and lower response times with deeper insights, correlation, and actionable intelligence, according to a press release.

Key features in Vantage IQ include:

  • AI-powered insights via Vantage IQ’s Insights Dashboard show alerts that are automatically correlated, prioritized, and supported with root cause information. Deep neural networks identify activity patterns in network data, with data correlated to streamline forensic analysis, tuning, and security enhancements.
  • AI-based query and analysis help users gain a deeper understanding of their environment using natural language queries that answer common questions about vulnerabilities, network assets, and other environmental details.
  • Advanced predictive monitoring strengthens operational resiliency and prevents system outages with early warnings that system behaviors are deviating from the norm. The Time Series feature augments Vantage’s ability to alert to changes in the network with an additional level of alerting on unusual changes in the bandwidth of activity going through the sensors monitoring those networks. In the future, Vantage IQ will also alert on process variables enabling even great levels of predictive monitoring and maintenance.

Securing critical infrastructure high on the agenda

Last month, leading cybersecurity response firms Accenture, IBM, and Mandiant joined the Elite Cyber Defenders Program – a new, collaborative initiative designed to help secure critical infrastructure. Led by Nozomi Networks, the program aims to provide global industrial and government customers access to strong cybersecurity defense tools, incident response teams, and threat intelligence.

In April, the US Cybersecurity and Infrastructure Security Agency (CISA) published seven advisories covering vulnerabilities in industrial control systems (ICS) and supervisory control and data acquisition (SCADA) software from multiple vendors. Some of the flaws were rated critical and two had public exploits. In the same month, the UK National Cyber Security Center (NCSC) issued an alert to CNI organizations warning of an emerging threat from state-aligned groups, particularly those sympathetic to Russia’s invasion of Ukraine. The alert stated that newly emerged groups could launch “destructive and disruptive attacks” with less predictable consequences than those of traditional cybercriminals, with CNI organizations strongly encouraged to follow NCSC advice on steps to take when cyber threats are heightened.

Meanwhile, the hacking group responsible for the supply-chain attack targeting VoIP company 3CX also breached two critical infrastructure organizations in the energy sector, with one located in the US and the other in Europe,

UK Editor

Michael Hill is the UK editor of CSO Online. He has spent the past five-plus years covering various aspects of the cybersecurity industry, with particular interest in the ever-evolving role of the human-related elements of information security. A keen storyteller with a passion for the publishing process, he enjoys working creatively to produce media that has the biggest possible impact on the audience.

More from this author