Achieving a strong cybersecurity posture involves the right investment in people, processes and technologies. A new survey published by the Ponemon Institute and Lockheed Martin, explores how organizations are making decisions that will have a significant impact on their ability to prevent and detect cyber threats.   

Read more

Cybersecurity is arguably the biggest challenge facing most companies today. We are undergoing a change in IT Security where it seems like every company is subjected to endless cyber-attacks. With the increase in Advanced Persistent Threats to traditionally consumer-oriented organizations, the adoption of cyber regulations within private companies is more prevalent than ever. Although compliance does not in itself guarantee security, it’s a good starting point, especially when combined with best practices and guidelines that regulate the industry.

Read more

A necessary but relentless focus on regulatory compliance in the cybersecurity community may be shifting resources away from more complex threats. Although organizations focused on checking the compliance box are more likely to address the foundational solutions necessary in building a cybersecurity framework, this approach can also lead to a false sense of security.

The Ponemon Institute and Lockheed Martin recently surveyed 678 IT security leaders within the United States. The surveyed respondents were security practitioners familiar with their organizations’ defense against cybersecurity attacks and responsible for directing cybersecurity activities. (Download the Intelligence Driven Cyber Defense survey results.)

When asked about cybersecurity business priorities, compliance was rated the number one cybersecurity business priority (above confidentiality, interoperability, integrity and availability). The challenge with this common response is that compliance does not necessarily equal security. 

Read more

Automation Technology Execs focus on Cyber Security at ARC Forum 2015

The gathering at the ARC Industry Forum is an annual meeting of the most influential people in the automation technology space. At this year’s conference there was one topic in particular on everyone’s mind: cyber security.


DHS ICS CERT leader puts a focus on #ICS #cybersecurity at #ARCForum. "Bake-in cybersecurity". Do you know how?" – @i_defender tweet on comments made by Brigadier General (Retired) Gregory Touhill, DHS Assistant Secretary of Cyber Security 
Read more

Your single, unified view just got more customizable

Industrial Defender ASM™ is an industry leading solution for automating alerts, tasks and reporting for effective management of the control systems environment. The latest version, version 6.1, boasts some significant changes to the interface home screen. Security, compliance and operations managers have unique daily tasks to monitor and manage within the ICS. Although, we’ve always catered to the needs of these distinct roles we’ve now added customizable dashboards to the home screen to allow users to see unique and relevant sets of data more easily.

New ASM User Interface Widgets and Layout

New Dashboards deliver greater environment visibility and ASM ease of use. Among the UI improvements are the ability to create new dashboards and add custom tiles to dashboards so you can monitor and act on changes in your asset environment. Create customized dashboards based on user profile. Users view changes and anomalies on their dashboard and drill down from widgets and tiles to take view details and take action. Widgets and tiles are self-updating and can be displayed on large screens in control centers.

Other features of this release include:

  • Reports for NERC CIP 5 and the File Repository
  • Contact and Contact Group Management for Notifications
  • Easier and More Intuitive Exceptions over Time Display
  • Work Automation User Interface Offers Greater Visibility
Read more

Industrial control systems compliance owners find project success with Industrial Defender ASM

Leverage ready-to-go NERC CIP, NIST and NEI 08-09 policy libraries along with the Work Automation Suite to automate the collection, storage and  reporting of compliance artifacts for audit requirements.

Effectively meet requirements for compliance programs. As new asset configuration changes and compliance events are detected Compliance managers can use the customizable ASM 6.1 dashboards to monitor continuous compliance. Dashboards help to visualize compliance by key metrics such as deviations from asset configuration baselines, security events to be reviewed and new assets to baseline.

The ASM 6.1 dashboard tiles display real-time asset configuration changes and event monitoring such as authentication events. Charts and graphs provide a range of critical data including reachability and distribution by varying criteria, aggregation of deviations or exceptions of events across your environment, configuration baseline graphs waiting to be promoted and authentication events that track failed login attempts in your ICS environment.

Read more

Industrial control systems security owners find project success with Industrial Defender ASM

Security analysts leverage the Industrial Defender ASM to monitor violations of security policies and safeguards. Security event monitoring across your asset inventory ensures you're aware of important security events and enables decisive action when vulnerabilities and threats are identified.

An analyst logs in to the ASM each day. As new events are detected the dashboard updates with real-time event information for all monitored assets. Dashboard tiles track individual security categories the analyst would like to monitor such as anti-virus, firewall and audit log changes and USB insertions.

Charts and graphs provide additional visualization. They capture event trends over a period of time for an analyst to spot anomalies and display the top 10 event categories for time periods or distribution of events by priority for real-time review. Leverage the customizable dashboards to help refine your secuirty management programs for improve your organization's posture. 

Read more

Industrial control systems operations owners find project success with Industrial Defender ASM

Effective cyber asset management is crucial to operations. Monitoring asset inventory details, health and configurations from a unified, single view platform provides increased effeciency and situational awareness.

An operations manager can effectively use the pre-configured ASM dashboard to monitor the health and welfare of assets.

An operations manager logs in to ASM each day or views the dashboard on a large screen. As new events and asset configuration changes are detected the dashboard updates with the latest information. Tiles across the top of the display track operation events and asset configuration changes that the manager would like to monitor. Charts and graphs provide more detail about aggregation of events across the environment.

  • Real-time asset configuration changes and events indicating resource issues and limitations
  • View CPU and network resource limitations
  • Asset configuration changes
  • Newly discovered assets
  • Charts and graphs provide
    • Reachability and distribution by varying criteria
    • Capture trends over time to detect suspicious anomalies
Read more

This year’s Critical Asset Summit took place in Houston, Texas which is appropriate given the topical agenda germane to the threats facing Oil & Gas process control professionals. With the acquisition of Industrial Defender by Lockheed Martin nearing its one year anniversary it was fitting to leverage this event to continue socializing Lockheed Martin’s unified IT and OT cyber security capabilities specifically for the Oil & Gas process control space.

...coming together not only to address the continuing cyber threats and set precautions framework, but most importantly to provide necessary tools, insights and methodological steps in constructing a successful secure policy."

Read more

Each year, the Internet of Things (IoT) makes strides towards transforming industries. IoT, or as it’s sometimes known as the Internet of Everything (IoE), are physical devices that placed on the Internet by installing wireless sensors on them. You see a lot of IoT in the consumer world, most commonly in home devices such as alarm systems, thermostats and electrical sockets to control lights remotely. Most of these devices are accessed by apps on your mobile device.

Within the last couple of years, IoT has slowly started to enter other markets. Sectors like healthcare and manufacturing are quickly learning about their potential value, particularly when combining IoT with business process management (BPM) programs. At face value, the benefits of this integration seem limitless. Real-time data analytics, immediate social and mobile capabilities to otherwise static and often hard to reach devices, and the ability to pair business-facing operations like inventory control and automated supply-chain capabilities with real-time consumer demand, creates a list of desired capabilities that is almost too appealing for any C level executive to resist.

But how safe are these devices? What can your organization do to protect itself from the danger associated with IoT? In past blogs you’ve heard us talk about the potential challenges between integrating Information Technology and Operational Technology. In many ways, this is very similar. On one hand you have a physical device, like an alarm system, which was built to interface with a live person, and therefore the device was designed from the ground up with accessibility as its core, data integrity as its next most important component, and confidentiality of data as the third priority. By integrating a sensor for wireless access, you’re now effectively opening the door to hackers by providing accessibility to a device that was not built primarily to protect the confidentiality of its data.
Read more