Goldilock Partners with organisation behind NATO’s largest cyber defence exercise


Goldilock, the British cybersecurity startup behind a unique physical network isolation solution, has partnered with CR14, a cyber defence organisation established by the Estonian ministry of defence and host of NATO’s operative Cyber Defence Centre of Excellence (CCDCOE), to conduct testing activities with the aim of increasing the resilience of critical national infrastructure (CNI). Testing will occur under the banner of NATO’s Defence Innovation Accelerator for the North Atlantic (DIANA), a programme designed to equip governments and businesses of member countries with the skills and knowledge to navigate the world of deep tech and dual-use innovation and to which Goldilock was the only cybersecurity firm selected to become a member.

The convergence of OT and IT in CNI networks makes them complex to defend, while they remain a prime target for state-sponsored cyber-attacks. The partnership between Goldilock and CR14 will demonstrate the benefit of being able to instantly disconnect and physically segment CNI networks such as those governing energy grids and gas and water utilities. Testing will be supported through NATO DIANA’s Test, Evaluation, Validation and Verification (TEVV) grant programme to tackle problems with CNI security architecture.

“Our testing partnership with CR14 will demonstrate exactly how CNI organisations can ensure assets remain secure and take back control,” said Tony Hasek, CEO and Co-Founder of Goldilock. “The global cyber threat landscape continues to grow, and as critical national infrastructure remains the focus of brazen cybercriminals – especially state-sponsored actors – no organisation operating in this sector is safe. It’s crucial, therefore, that organisations in NATO-member countries question whether their OT or IT systems and digital assets need to be constantly online. The new default should be disconnection, with connection and disconnection able to occur on-demand, which is precisely what Goldilock’s patented hardware solution delivers.”

The testing will take place in two phases, starting with a tabletop exercise that will bring together cybersecurity and CNI experts to determine It will also examine operational aspects such as personnel and skills requirements and optimal procedures for employment of Goldilock’s cybersecurity technology to ensure the strongest possible integrated cyber defence and safe operation of CNI systems. Building on these findings, the second phase will involve a ‘real-life’ scenario test. Using CR14’s power grid simulation, this stage will measure key performance parameters and assess the technology’s usability in a practical setting. CR14 and Goldilock will then present the results of the testing jointly in a simulation exercise at both the NATO DIANA Demo Day and also the Latitude59 Conference in May, where CR14 will bring their energy grid wall.

Peter Lenk, Technical Lead at Goldilock commented: “CR14’s wide range of cyber expertise, makes this partnership an incredibly effective one. Its ability to simulate sophisticated cyber-attacks and a physical emulation of a power grid will also demonstrate the true potential Goldilock’s kill-switch delivers in this sector. Recent attacks on UK critical national infrastructure, such as that on Southern Water earlier this year, have demonstrated the huge impact cyber incidents can have on society. Disconnecting CNI from the internet is key to keeping it safe and it allows industry managers to step outside of the cybersecurity arms race and hands them back control of system safety.”

“Goldilock’s hardware-based cyber solution is the perfect pairing to our cyber-physical approach to testing and then reinforcing the security of critical infrastructure,” said Silver Andre, CEO of CR14. “The results of this collaboration could be a game-changer across NATO member countries. Imagine power grids and water treatment plants impervious to cyberattacks – that’s the future we’re working towards here.”



Source link