Release of ASM 6.0 was a significant milestone for Lockheed Martin and the Industrial Defender ASM solution stack. In a little more than two years from its first release ASM has captured the mindshare of the OT market. With ASM 6.0 we’ve introduced new applications and several key improvements to existing applications. After a successful controlled introduction process we are to happy to announce the general availablity to the market.

Industrial Defender solutions will be the standard across our entire fleet." – Leading US Utility

New Capabilities

Work Automation Suite, is a premium application targeted at Compliance and Operations users for a guided workflow when tracking planned changes in the OT environment. The application will help automate the tedious task of generating pre and post change reports, while storing all required change artifacts in a single, accessible container. We worked extensively with the user community to create this application and have received positive feedback on its usefulness in helping with the mission of continuous compliance.

Industrial Defender ASM FleetView™ is a new product in the ASM suite for organizations that have multiple Industrial Defender ASM installations and need a single view of Operations and Compliance. FleetView™ is designed to be a receive only application that corporate users access to view key metrics across the operating plants such as the configuration change activity, compliance to corporate policies and high priority security events. Below is an example of a fleetwide deployment of Industrial Defender Solutions accross an Electric Utility supply chain.

Updated Application Features; Policy Libraries and New Reports

As part of our commitment to the user communitywe are constantly improving our solution to meet your needs. We’ve made many different updates in 6.0, based on your requests.

  • Policy sets for NERC, NIST and NEI help existing and new users check their asset configurations against these standards and make corrections as necessary

  • New reports for Asset Configuration Baselines and tracking User Activity

  • File baselines to track changes to configuration files such as iptables and firewall.conf

  • New network baselines file to track network activity changes when used in conjunction with Industrial Defender NIDS

  • Hardware and software platform upgrades provide a more powerful solution that meet your project needs today and the challenges of tomorrow.

Want to change how you manage change?

Get Industrial Defender ASM 6.0 >
Read more

Primary objectives of hydroelectric control systems operators include ensuring operational stability and simplifying the task of meeting federal security and compliance requirements.

What's standing in their way? We've compiled a list of 10 major concerns facing operators in assuring the operational stability of all water management assets, as well as compliance with Federal Energy Regulatory Commission and NERC standards. These challenges can be broadly grouped into three major areas:

  • Business Practices
  • Infrastructure Management
  • Policy Considerations

Read more

Understanding the art and science of securing your environment

Cybersecurity is a gigantic topic. It’s more than just technology. It’s a careful mixture between art and science. Understanding the mechanics behind protecting, identifying and thwarting attacks, although crucial to the science of cybersecurity, represents only one side of the coin. Knowing your enemy, understanding the sociopolitical nuances of your environment, and predicting where you’re most likely to get attacked, that’s art.

Read more

Defining Cyber Concerns at 2014 ICS Cyber Security Conference

Joe Weiss has been beating the ICS Cyber Security drum for the past 12 years. Once again he summoned global critical infrastructure control systems engineers and asset owners working in operations management or in IT to join him for an annual conference. During the opening keynote Weiss articulated three challenges to achieving ICS cyber security in the context of collaborating with enterprise IT professionals.

Read more

We are wrapping up October, which is National Cyber Security Awareness Month, so today I want to share the ways citizens can help to support and build greater cyber resiliency.  

The purpose of National Cyber Security Awareness Month is to engage and educate public and private sector partners through events and initiatives with the goal of raising awareness about cyber security.  According to the Department of Homeland Security, Cyber Awareness Month aims to increase the resiliency of the nation in the event of a cyber incident.

The role of citizens is growing by leaps and bounds as it relates to thwarting and potentially curbing cyber attacks. In my mind, this role can be bolstered by the following three actions:

Read more

Fact: Being compliant is not being secure and being secure is not being compliant. Can electric utilities blend compliance and security objectives to leverage the same tools, people and time?

Compliance keeps you compliant. Security keeps you safe.”

Mark Weatherford of the Chertoff Group was very emphatic on this point in this month’s EnergyCentral webcast saying, “Compliance is not security. We should all have that tattooed somewhere on our body.”

Read more

This month marks the 10th anniversary of National Cyber Security Month in the U.S. and is dedicating the third week of the month to awareness on the topic of cyber security as it relates to critical infrastructure and the internet of things. This month is a great opportunity to raise awareness on the importance of cyber security with your customers, your employees and your boards. 

Read more

SANS European ICS Security Summit: Field Report

Don’t even think about ICS cyber security if you don’t first know what assets and software you have running in the ICS. You can’t start to assess your risk, if you don’t know what you have running.” 
– Ralph Langner, SANS EMEA ICS Summit

There’s an intensifying sense of urgency to protect critical infrastructure from cyber threats perpetrated by an accumulating cast of threat actors amid percolating geo-political crisis.  While SANS is known for training security professionals in both IT and OT security, their summits tend to attract thought leaders rather than practitioners and this year’s European SANS ICS Security Summit was no exception. Hosted by Mike Assante with a speaker lineup that included leaders from CERT-EU, ENCS, ABB, Rockwell, Siemens, as well as leading experts such as Ralph Langner, Jonathan Pollett – to name a few – there was no shortage of experts taking the podium.

Read more

All-day Industrial Defender ASM workshop in Amsterdam a success with European customers.

Lockheed Martin Industrial Defender conducted an all-day workshop on September 23 in Amsterdam, Netherlands with our European Technical Advisory Council (TAC). The purpose of the European TAC conference, comprising of a select group of our European customers, was to gather feedback from customers on Industrial Defender solutions with a focus on understanding the pain points in their operations and how Industrial Defender solutions can help. We shared the Lockheed Martin Industrial Defender Solutions product roadmap and moderated the free exchange of ideas amongst the customers on supporting security and compliance for Industrial Control Systems (ICS) in Europe and beyond.

Read more

The Shellshock vulnerability has put most of the operational technology (OT) world into a state of panic. Especially, it has been very confusing to OT operators in the critical infrastructure industries on how to deal with it. Here is a step-by-step process on what the OT operators can do to get a handle on the vulnerability.

Read more