Siemens will use Chronicle’s Backstory security platform for a managed service to secure energy customers’ information technology (IT) and operational technology (OT) across cloud and hybrid environments.
Backstory is Chronicle’s cloud-based security information and event management (SIEM) product, announced the day before the annual security mega event, RSA Conference, in March. At the time Chronicle also announced a handful of Backstory’s early customers, and Siemens was one of them.
The platform is built on sister company Google’s infrastructure and provides a centralized location for companies to upload and store all of their security log information from endpoints, network devices, and cloud services. It then uses artificial intelligence (AI) and machine learning to analyze this data to detect and investigate potential threats.
The partnership, announced at Siemens’ Spotlight on Innovation technology conference, will combine Backstory with Siemens’ industrial cybersecurity technology in a service managed by Siemens.
“Energy infrastructure is an obvious example of cyberattacks affecting the physical world and directly impacting people’s lives,” said Ansh Patnaik, Chronicle’s chief product officer, in a statement. “Backstory’s security telemetry processing capabilities, combined with Siemens’ deep expertise, gives customers new options for protecting their operations.”
This is particularly important to the energy industry because, according to research by Siemens and Ponemon Institute, this sector has historically been unable to centrally apply analytics to process data and to cost-effectively store and secure data. The research found that while 60 percent of energy companies want to use analytics, only 20 percent are actually using any analytics to do security monitoring in the OT environment. Small and medium enterprises are especially vulnerable to breaches as they often do not have the internal expertise to manage and address increasingly sophisticated attacks.
At the Backstory launch event, Mike Wiacek, chief security officer and co-founder of Chronicle, touted the platform’s flat pricing and said this makes it particularly appealing to businesses of all sizes. “It’s the only solution available to store, index, and search unlimited security telemetry,” Wiacek said. “Our pricing is flat and it’s agnostic to data volumes, which makes it economically feasible for companies of all sizes.”
While Google’s analytics cred is well established, Chronicle is an interesting choice because it’s such a new player in SIEM. It was originally part of Alphabet’s secretive X research lab and then launched as an independent business in January in 2018.
It’s also worth noting that other vendors — including Microsoft — are moving SIEM to the cloud. In March, shortly before Backstory’s launch, Microsoft rolled out a new cloud SIEM tool tool called Azure Sentinel. At the time, Microsoft claimed it was the first cloud-native SIEM in a major cloud platform (Azure). So we’ll be watching to see how Chronicle (with Google’s cloud) competes against Microsoft for future SIEM deals.