The Chertoff Group

The Chertoff Group and Dragos Form Strategic Partnership to Help Industrial Organizations Improve Risk Mitigation, Threat Detection and Incident Response

Washington, DC – The Chertoff Group and Dragos, Inc. today announced the formation of a unique alliance that will provide a holistic approach to cybersecurity risk management for industrial organizations seeking to protect critical infrastructure environments from today’s constantly evolving cyber threats.

The Chertoff Group is combining its policy intelligence, technology expertise and vast experience communicating threats to executives with Dragos’ industrial control system (ICS) expertise and best-in-class asset identification, threat detection and response platform. This alliance between two of the world’s premier risk management firms is grounded in the belief that effective security must be a comprehensive and continual process that transitions operational “bottom-up findings” into an actionable “top-down” strategy, starting at the board and C-suite level. In fact, this partnership has already successfully concluded several engagements with clients in a variety of sectors, including transportation, power & electric and mining.

“As we usher in 21st century transportation solutions represented by high-speed rail, we believe that the safety of our future passengers is paramount,” said The Chertoff Group-Dragos customer Lori Willox, chief financial officer of Texas Central Railway. “We are excited about the Chertoff–Dragos partnership that helps us ensure best-in-class safety and security in our systems through a converged OT/IT cyber risk management assessment.”

As information technology systems become increasingly integrated into industrial environments, organizations across the critical infrastructure spectrum, especially those dependent on ICS, are facing threats from ever more sophisticated adversaries intent on causing devastating operational, financial and even physical harm. While information technology (IT) systems and operational technology (OT) systems convergence enables efficiencies and business growth, it also expands the attack surface, leaving the vast majority of security teams to defend their most critical assets from new cyber threat vectors.

The Chertoff Group, a global security risk management advisory firm established in 2009 by former U.S. Department of Homeland Security Secretary Michael Chertoff, with extensive experience, knowledge and a proven record of protecting critical infrastructure, and Dragos a leading industrial cybersecurity company that has honed an approach specifically designed to secure operational technology, have established this partnership to meet this growing security imperative and support industrial organizations with the necessary threat awareness, expert analysis and actionable recommendations to better protect critical assets across both IT and OT environments.

“I believe we [The Chertoff Group and Dragos] are filling a great void in today’s risk management landscape by giving high profile and highly targeted industrial organizations a one-stop shop for truly understanding their risk profile along with specific risk-based recommendations and actions that can be taken to improve risk mitigation, threat detection and incident response but to also trust that their investments are working,” said Michael Chertoff, executive chairman and co-founder of The Chertoff Group.

Together, The Chertoff Group and Dragos are uniquely positioned to test and communicate real world risk to organizational leadership across the critical infrastructure system. Using a threat-oriented and consequence-driven methodology, the Chertoff-Dragos team ultimately helps organizational leadership move beyond mere compliance to better secure their ICS operations with threat-driven strategic guidance on how to structure and build effective risk-based cybersecurity programs.

The Chertoff-Dragos joint offering addresses the full spectrum of risk management needs across industrial organizations — from a “bottom-up” threat-oriented view of how attackers could target and exploit ICS systems such as communication networks, power systems, or (SCADA) systems, to a “top-down” picture of the organization’s inherent risk landscape. Complementing this unique approach, the Chertoff-Dragos team can clearly communicate risk management to all levels of an organization – from C-suite leaders to first-line operators.

“We are pleased to team with The Chertoff Group to provide industrial organizations with both the strategic and technical means to protect their networks from increasingly active adversaries,” said Robert M. Lee, CEO and co-founder of Dragos. “From the plant floor to the board room, organizations understand it is critically important to protect their assets and ensure uninterrupted operations. The combination of The Chertoff Group and Dragos brings vast expertise and experience to help clients build a solid and resilient cyber security foundation.”

About The Chertoff Group

The Chertoff Group is a global advisory services firm focused on security and risk management. The firm applies security expertise, technology insights, and policy intelligence to help clients build resilient organizations, gain competitive advantage, and accelerate growth. Through the firm’s Strategic Advisory Services Practice Area, The Chertoff Group offers comprehensive security assessments, risk management strategies, policy and planning frameworks, and ongoing monitoring services to help clients anticipate, prepare for and build capabilities necessary to navigate today’s complex threat environment.

About Dragos, Inc.

Dragos has a global mission: to safeguard civilization from those trying to disrupt the industrial infrastructure we depend on every day. The expert practitioners who founded Dragos were drawn to this mission through their decades of experience in the US Military and Intelligence Community going head-to-head with cyber attackers who threaten the world’s industrial infrastructure. Our solutions combine advanced technologies for asset identification, threat detection and response with the battle-honed insights of our elite team of industrial control systems (ICS) cybersecurity experts. We arm enterprises with the tools to identify threats and respond to them before they become significant breaches. Dragos currently protects hundreds of organizations and provides the industrial control systems community with select free technology products, research and thought leadership. Dragos is privately held and headquartered in the Washington, DC area.

Let's Talk.

Let's explore ways we can help you manage risk or position for strategic growth.

202.552.5280 | Mon. – Fri. 8:00 AM – 5:00 PM EDT