Wärtsilä

Tenable OT Security automates asset discovery and visualization at scale

Tenable OT Security enables Wärtsilä to identify assets, communicate risk and prioritize action all while enabling its IT and OT teams to work better together. Knowing exactly which assets exist, their configurations and full situational awareness of both sides of the house, empowers the security team to see and understand the big picture.

According to Bailey, Wärtsilä tested several vendor technologies before selecting Tenable OT Security.

“Many of these asset management tools are passive – they sniff the network by looking at the traffic at the mirror port and using that information to decipher assets. Tenable uses a proprietary approach to query devices in a safe way, PLCs for example, to get rich asset information. And that’s where it really shined for us,” says Bailey.

Tenable OT Security’s automated asset discovery and visualization capabilities provide a comprehensive, up-to-date inventory of all assets. This includes workstations, servers, human machine interfaces (HMIs) and programmable logic controllers (PLCs), including dormant devices that do not communicate frequently over the network. The latter it uncovers by leveraging its patented active querying capabilities. The results are detailed device information,such as firmware and OS versions, internal configurations, and serial numbers.

Wärtsilä is preparing itself and its customers to operate in a new regulatory landscape. “With regulations like the Cyber Resilience Act coming into law, the need to disclose real-time vulnerability information in a short amount of time adds a huge challenge we'd not be able to meet without a solution like Tenable OT Security,” says Bailey.

As Wärtsilä rolls out the Tenable OT Security solutions across its dynamic environment, the partnership with the Tenable team has been crucial for a successful deployment.

“The great thing about using Tenable OT Security is working with the Tenable people,” says Bailey. “They have great technical expertise, appropriately sizing our environment and positioning us to scale as our licensing needs grow.”

Wärtsilä helps customers visualize asset inventory and protect key infrastructures

Now, Wärtsilä has the capabilities to deliver a complete asset inventory to its customers. During site acceptance testing, Tenable OT Security is integrated with each customer’s environment to provide a way to scan the project delivery and existing assets to obtain a complete asset inventory, as well as allow manual asset enrichment for legacy devices. This improved visibility helps customers protect critical infrastructure while meeting compliance requirements.

“There is no silver bullet when asset scanning in an OT environment – you can’t get to 100 percent. Some of these old devices are not compatible with any proprietary protocols or even Simple Network Management Protocol,” says Bailey. “A flexible tool like Tenable OT Security, which allows for manual asset enrichment, is essential.”

Wärtsilä is also helping its customers save time and increase productivity. Before integrating Tenable OT Security, the asset inventory was tedious and time consuming, taking, on average, two technicians around seven hours per installation. Automated processes help technicians work more efficiently, which increases the number of completed installations each day, with improved accuracy.

“Automating the asset inventory process saves Wärtsilä’s suppliers several hours of tedious work, while improving the accuracy of the inventories for customers,“ says Bailey. “With fewer errors and more consistency in the data, Wärtsilä is able to standardize and normalize the data.”

Tenable OT Security can also create an asset map based on what it senses on the network. As various OT assets “talk” to each other across the network, Tenable OT Security uses that information to gather valuable context. How are the assets connected? What else are they connected to? How are these assets related to one another?

"Our vision is to use Tenable OT Security to create a digital twin – a 3D map of how devices are connected and snapshots of all configuration changes – with near real-time asset visibility,” adds Bailey. “In the past, we've done it on an adhoc basis, but the data is only good for that point in time, the process is time consuming, and we may not get all of the device context we need."

In addition to providing customers with complete and accurate asset inventories, Tenable is enabling Wärtsilä to develop new services that help customers visualize their OT environment. Tenable Security Center, a vulnerability reporting engine that gathers and evaluates vulnerability data distributed across the enterprise, will enable rich reports that illustrate vulnerability trends over time, allowing Wärtsilä’s customers to assess risk and prioritize vulnerabilities.

“In the future, we will install Tenable Security Center and provide a dashboard and reports to customers through a service we’re calling the ‘Asset Visualization Service’. When customers don’t know what assets they have, we can provide an inventory and a vulnerability report,” says Bailey.

Read the press release about how Wärtsilä is Solving OT Asset Management challenges for its energy customers.