
March 3, 2025


Welcome to the latest edition of our series, "Inside Our Portfolio", where we engage in insightful conversations with leaders from our portfolio companies. This series aims to provide you with firsthand perspectives from those at the forefront of innovation and growth.

In this issue, Todd H. Poole (Managing Director of Hewlett Packard Pathfinder) interviews Robert M. Lee, CEO and Co-founder of Dragos, a cybersecurity startup specializing in protecting industrial control systems (ICS) and operational technology (OT) from cyber threats through threat intelligence, incident response, and security solutions.

TP: When people think of cybersecurity, they typically imagine traditional IT assets – servers, laptops, cellphones, inboxes – how do OT environments differ, and how does Dragos address these differences compared to traditional IT cybersecurity solutions?

RL: Operational Technology environments are different from traditional IT environments in that they control and monitor physical processes and equipment rather than manage data. When OT systems are disrupted, we have energy outages, product shortages, water safety hazards, and halted manufacturing. Because OT runs the revenue-generating side of the business that produces goods and essential services, cyber threats can cause significant financial loss and reputational damage. Dragos provides specialized OT cybersecurity technology and services that protect industrial operations from disruption, maintain safety, protect intellectual property, and build resiliency. The Dragos Platform identifies what assets are in the OT network, monitors the full OT environment, and provides OT vulnerability management and threat detection.

TP: Dragos has made some pretty impressive moves within the last year: acquiring Network Perception to enhance OT network visibility, integrating with CrowdStrike for improved threat detection. How have these improved Dragos’ ability to respond to cyber threats?

RL: The acquisition of Network Perception and integration with CrowdStrike have enhanced security and response times for organizations with OT environments. NP-View helps customers strengthen their network defenses by providing a clear view of their OT network devices and the paths that connect them. One of the key ways to prevent adversaries from getting into OT environments is through network segmentation, but validating access controls can be extremely challenging. NP-View helps customers evaluate the risks associated with firewall access rules, validate segmentation designs, analyze potential attack paths to critical OT assets, and streamline reporting—which also simplifies compliance with regulations.

The expanded partnership with CrowdStrike helps SOC analysts using CrowdStrike Falcon® Next-Gen SIEM to respond faster and more effectively to OT threats. Integrating OT threat intelligence from the Dragos Platform into CrowdStrike's SIEM allows these SOC analysts to quickly identify malicious behavior on OT networks, while also having the context to reduce false positives and prioritize mitigations.

TP: Dragos has played a pivotal role in protecting America’s utilities and public infrastructure. So much so that the company has launched a public sector subsidiary to tackle OT security in government. What are your strategic goals for this new entity, and how will it address the specific challenges faced by state and federal organizations?

RL: The goal of Dragos Public Sector LLC is to provide cybersecurity solutions that help federal and state organizations protect our nation’s critical infrastructure, as well as other OT environments — such as fuel, logistics, and building automation systems at government facilities. These solutions improve visibility, detection, and response to cyber threats. Agencies use the Dragos Platform with its automated asset discovery, risk-based vulnerability prioritization, and OT-specific threat intelligence to make sure they are addressing their most critical security needs first. Our OT response playbooks streamline investigations and recovery. With our team of expert government cybersecurity experts, we help government organizations to be safer and more resilient, and to comply with stringent regulations.

TP: You recently spoke about cybersecurity complexity at the World Economic Forum Annual Meeting in Davos, and noted that CEOs and board members are increasingly focused on cyber threats to their OT environments. What advice would you give these executives as they look to protect their organizations at their level?

RL: In Davos I heard a definite increase in awareness and concern among CEOs, board members, and world leaders about the risks to OT. This is a critical shift in their understanding of the importance of protecting the OT systems that control essential industrial processes and critical infrastructure. For leaders looking to understand how to effectively prioritize OT cybersecurity at their organizations, I recommend they ask the right questions, hold their teams accountable for the appropriate metrics, and support a culture of transparency around weaknesses that need to be addressed. Improving OT cybersecurity can feel complex and overwhelming if it’s new to their teams, so a good place for teams to start is with the most important basics and best practices. These can be found in the SANS Institute's Five Critical Controls for OT Cybersecurity. These controls include developing an ICS incident response plan, building a defensible architecture, gaining network visibility, using secure remote access, and conducting risk-based vulnerability management. Organizations should know that defense is doable, but the time to act is now.
