As the industry is still reeling from the onslaught of patent trolls over the past few years, when Industrial Defender (who most of us are still having trouble not calling "Verano" or even HP RTAP) revealed that they had been awarded a significant cybersecurity patent, the immediate reaction of most in the industry was, "Oh, no, not another one."
So I arranged to talk with Todd Nicholson, Chief Marketing Officer and Andrew Ginter, Chief Technology Officer of Industrial Defender. I made it clear that the patent was the chief topic I was interested in, and Nicholson and Ginter were extremely forthcoming.
While I still harbor reservations about whether their patent is ultimately defensible, the Patent Examiner doesn't agree with me, and his judgement, pending unlikely court action, is worth more than that of your humble editor and blogger.
Andrew made it very clear that this was not a patent that attempted to control the cybersecurity market in the process industries. "The central claim," he said, "is claim number 1. That's what's novel here. It is our ability to open a one way socket without introducing any new security vulnerability. All the other claims depend from that first one."
"What this gives us," Ginter went on, "is an honest competitive advantage over other people who can't do this. That's what we wanted."
According to Nicholson, business has been brisk. I asked him to compare his capabilities with those of the just announced partnership between Invensys and Integralis. "We have the ability to provide 24/7 security services, and we have the advantage of being a control system vendor too. And we can do it under one roof," Nicholson said.
And about that, I asked if they felt that RTAP, the SCADA system they continue to market, is inherently more secure than other competitive systems because of their work in security as Industrial Defender. Ginter said, "Well it wouldn't be fair, or true, to say that RTAP was designed from the ground up to be more secure. When it was designed originally, nobody was thinking about security in SCADA design. But we've improved it over the years, and one of the things we've done is to engineer in what we consider an effective level of security."