Israel's Rafael unveiled its Cyber Situation Awareness (SA) and Cyber Management System (CyMng) at Milipol 2021 exhibition, taking place currently in Paris, alongside its CYBER DOME and SCADA Dome cyber defense solutions. This, according to a report by monch.com website from the exhibition.
The first two solutions are aimed helping governmental agencies fill identified knowledge gaps in cyber security strategies. Rafael draws on extensive experience with the Israeli government, offering a comprehensive approach to cyber threat monitoring and detection.
The company believes no one has yet proposed a nation-wide approach to SA in cyberspace – responses to a cyber-attack are normally time-constrained and reactive to an event already in progress. Worse still, capability to assess the potential impact of a large-scale attack or virus infection is generally poor.
Cyber SA is a solution designed to collect and aggregate information from multiple infrastructure networks – airports, railways, seaports and IT and OT operations networks – to create a comprehensive image of current cyber threats. The reporting mechanism takes into consideration the international nature of cyber threat and the software therefore constantly monitors global events from the customer perspective.
Relevant events are detected and classified over time and ranked by sector (health, energy, transport, finance) and by threat (malware, ransomware, denial of service, etc.). Cyber SA provides the client with a comprehensive picture of what is happening in cyberspace, and what phenomena might affect the country, in which sectors and at what order of magnitude.
CyMng is the natural complement of Cyber SA, as it allows for automated reactive and proactive information-gathering and incident response processes. Threats can be identified in advance, vulnerabilities can be detected and incident response metrics collected.
By comparison, the system can reveal whether ongoing attacks are characterized by common techniques or sources as used in earlier events, thus helping the customer agency to understand where the attack comes from and what its potential impact on critical infrastructure might be.