Blog

Industrial Defender solutions were built with automation in mind, including but not limited to the automation of collecting and alerting on cybersecurity events, enforcing policies, and monitoring changes within the industrial control systems environment to strengthen an organization's cybersecurity posture and improve situational awareness. The latest version of this industry-leading technology stays true to the objective and delivers timely answers to real-world industrial control systems customer concerns.

July 24th marked the debut webcast showcasing the latest Industrial Defender ASM v6 platform capabilities: policy management enhancements, a work automation suite and FleetView additions to the product's already robust cybersecurity, compliance and change management applications. This post documents the live Twitter feed that captured key presentation points as well as the question and answer portion of the program. Peruse the highlights for an overview of how Industrial Defender ASM v6 can assist you with your next ICS project!

Read more

Field Report from Nuclear Information Technology Strategic Leadership (NITSL) 2014 Event

A group of technically astute and remarkably humble nuclear cybersecurity engineers and thought leaders convened in Dallas last week to consider the substantial challenges to securing the nuclear power plants scattered throughout the U.S.

Read more

One of the most common terms in any large organization is Risk Management. Risk Management has grown from a vertical role shared by multiple organizational executives into a separate horizontal practice to which a series of professionals can often dedicate entire careers. But what exactly is Risk Management? What is IT Risk Management? What is a Risk Management Framework? And why is it a vital component of an effective cyber security platform? For me, Risk Management is a rigorous business discipline that, if applied and communicated correctly, can ensure a business continues to achieve a strategy for profitable growth. It’s also the language of executives and one that cyber security executives should be extremely well versed in.

Originating as a business discipline, risk management is the process of understanding what could possibly impact your company in a negative way, and having an action plan for each possible threat. Risk Management is about mapping and understanding the likelihood of these financial threats to your organization in a manner that looks at probability and severity.

Read more

Today we are proud to announce a new chapter in our Industrial Defender ASM solution, ASM v6.0. Version 6.0 is a culmination of many of our dreams, aspirations and efforts of the past 3 years. It’s not only been a fun journey to make an industry-defining product in the ICS market but it’s also a passionate mission to help that brave and over-worked plant manager wearing several hats outside his primary job; that compliance manager trying to maintain hundreds of spreadsheet-based compliance documents; that fleet manager responsible for compliance, health and welfare of several plants; that IT lead on OT systems who is trying to grapple with getting data from a 20-year-old PLC. We worked with each of those different users to carefully develop the solution to meet their needs.

With 6.0, we completed the goal to be that one tool an OT operator needs. Our product is the most complete and comprehensive in the market to help with the security, compliance, operations and change management aspects of an OT environment, whether it’s a generation plant, an EMS system, a substation, a refinery, a water treatment plant or a chemical plant.

Read more

Now that we are part of Lockheed Martin, we will begin sharing their extensive cybersecurity expertise with our ICS cybersecurity community. With over a decade of experience defending against the most advanced adversaries, Lockheed Martin has a wealth of knowledge and experience. As the ICS community looks to expand their knowledge of overall cybersecurity, we invite you to learn more from Lockheed Martin’s experts on their next webinar: Securing Your Environment Against Advance Persistent Threats. Details and registration: click here.

Read more

During our engagements we often hear many people say they are “air gapped” since their control system is not directly connected to the internet, or simply bury their heads in the sand about the problem. DHS released their quarterly newsletter (link to PDF, also copied below) that confirms a public utility was compromised and their control system was accessed. Actually, it states there were two separate hacks, and both were by external adversaries on systems configured to allow remote access.

While remote access is a necessity for many utilities (e.g., allowing vendors to perform system maintenance without costly travel or due to an emergency), when DHS reviewed the logs they determined the systems were likely accessed previously - something that would have been picked up by most network intrusion detection systems. As DHS pointed out, "This incident highlights the need to evaluate security controls employed at the perimeter and ensure that potential intrusion vectors (ex: remote access) are configured with appropriate security controls, monitoring, and detection capabilities."

Read more

This is a post in a series of posts about adapting Continuous Delivery concepts and tools to OT environments.

Read more

Microsoft has released a security advisory for a vulnerability in Internet Explorer that could allow remote code execution (https://technet.microsoft.com/en-us/library/security/2963983.aspx). Microsoft is aware of limited, targeted attacks that attempt to exploit a vulnerability in Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11.

Read more

ICS-CERT continues to reach out to the vendor community to bring awareness of the OpenSSL vulnerability (CVE-2014-0160). Because OpenSSL may be used as a third-party component, ICS-CERT advises asset owners, operators, and SCADA software developers to investigate the use of the affected versions of OpenSSL in their environments.

Read more

The Forever Control Systems Technology Dilemma

Technologists who care about control system security are always in two worlds of dilemma.

Read more