by Noam Taylor
I recently had the opportunity to chat with Ilan Barda, CEO and founder of Radiflow, an operational technology (OT) cybersecurity company. We discussed his journey as a founder, from where he began to where he thinks the industry is heading.
Barda initially spent six years developing cybersecurity products in Unit 8200 of the Israel Defense Forces (IDF). After his service with the IDF, Barda worked at Nokia but left in 2009 after the company began to apply strategic changes that he thought were unsustainable.
He co-founded Radiflow In 2015. In the beginning, the company focused on helping industrial networks with communications. It provided large-scale companies with centralized management of extended, complex systems. Radiflow also assisted in engineering and enabling these systems to move in a more frictionless way.
However, although these services were successful and necessary, they weren’t providing Radiflow with the growth that the company needed. So, Radiflow soon expanded its product line and began providing OT cybersecurity solutions within the same industrial manufacturing market.
According to Barda, what sets Radiflow apart from most of its counterparts in OT cybersecurity is a focus on making clients aware of their overall “risk posture,” rather than just monitoring clients’ systems and scouting for any anomalies.
As Barda put it, “Many of our clients have a sort of tunneled focus on producing their products. They are often very unaware of their cyber weaknesses. We make sure they have a ‘birdseye’ view of their systems flaws and are prepared to solve the problems that can occur, rather than just reacting to alerts about potential threats.”
He added, “Radiflow has even come across a few cases where the client’s leadership was operating under the assumption that their computer networks were airtight; when in reality they had exposed numerous off-network portals, some of which were even left by dead technicians. These unknown portals were just sitting there, ready to be taken advantage of by hackers.”
Barda explained that there are a few critical differences between OT and its sister field of information technology (IT) cybersecurity. First, with OT, one is fortifying complex industrial machinery, which requires a deep understanding of how the machines operate, as well as their various flaws. With IT, it’s just computer and software systems, so security requires no extra knowledge of how the machines’ engineering functions.
Also, in OT cybersecurity, there is a significant upside. Industrial manufacturing machines and the process of production are practically non-evolving. The machines are designed to do the same thing repetitively. This allows Radiflow to screen for anomalies on a flat and unmoving landscape. IT, in contrast, involves a cyber threat analysis process that is more fluid, as users can morph their activities significantly within the network. This makes detecting anomalies far more challenging.
Another serious distinction is found in the aftermath of a cyberattack. Breaches in an industrial environment cost manufacturers enormously as downtime results in lessened output. However, in IT, system downtime doesn’t usually cut into a company’s bottom line the same way, though there are some major exceptions to this rule. An outage is usually more of an annoyance than a significant loss with dollars and cents attached. To bring out the severity of this difference, Barda gave the example of pharmaceutical companies, where if a breach is discovered too late, an entire lot of much-needed medication could be disqualified based on concerns of safety and efficacy.
Aside from the vital but standard alerts and notifications, Radiflow designs attack simulations and tools that can better educate and prepare its customer for what may come. Barda said, “We make sure our clients have a tailor-made playbook that they can turn to in the event of a problem. It isn’t as simple as having a good backup system, although any good security strategy does. You need a list of protocols and unique techniques to best survive an attack.” The backup systems that Radiflow provides its industrial clients are designed to make a seamless transfer without any extra time wasted on a system reboot.
I asked Barda what he would have done differently had he been offered a ride back in time. He explained that when Radiflow was transitioning to OT, he wishes they would have moved quicker. At the beginning stage of the switch, the company tried to juggle both the communications services and the cybersecurity. “We should have leaned completely into the cybersecurity at that stage,” he said.
Barda also feels his company may have been too conservative with its opportunities at the beginning. Radiflow was very selective with whom and where they did business. He said, “It’s hard to know for sure, but it may be that we missed some growth due to our overly risk-averse strategy.”
Finally, Barda shared what was coming down the pike in the field of OT cybersecurity. He shared, “The first generation of corporations to deal with cyber threats were slow to understand the importance and necessity of cyber protection. They soon learned their lesson, though. And, at present, there is a general understanding that you must be protected. This has completely shifted the playing field. Because the market has recognized the need for real security measures, everything from attackers’ techniques to cybersecurity has leveled up. A world with higher walls means hackers must learn to jump higher.”
Noam Taylor is a freelance reporter for The Journal of Cyber Policy