Blog

One of the most common terms in any large organization is Risk Management. Risk Management has grown from a vertical role shared by multiple organizational executives into a separate horizontal practice in which a series of professionals can often dedicate entire careers. But what exactly is Risk Management? What is IT Risk Management? What is a Risk Management Framework? And why is it a vital component of an effective cyber security platform? For me, Risk Management is a rigorous business discipline that if applied and communicated correctly can ensure a business continues to achieve a strategy for profitable growth. It’s also the language of executives and one that cyber security executives should be extremely well versed in.

Originating as a business discipline, risk management is the process of understanding what could possibly impact your company in a negative way, and having an action plan for each possible threat. Risk Management is about mapping and understanding the likelihood of these financial threats to your organization in a manner that looks at probability and severity.

Read more

Today we are proud to announce a new chapter in our Industrial Defender ASM solution, ASM v6.0. Version 6.0 is a culmination of many of our dreams, aspirations and efforts of the past 3 years. It’s not only been a fun journey to make an industry-defining product in the ICS market but it’s also a passionate mission to help that brave and over-worked plant manager wearing several hats outside his primary job; that compliance manager trying to maintain hundreds of spreadsheet based compliance documents; that fleet manager responsible for compliance, health and welfare of several plants; that IT lead on OT systems who is trying to grapple with getting data from a 20 yr. old PLC. We worked with each of those different users to carefully develop the solution to meet their needs.

With 6.0, we completed the goal to be that one tool an OT operator needs. Our product is the most complete and comprehensive in the market to help with the security, compliance, operations and change management aspects of an OT environment, whether it’s a generation plant, an EMS system, a substation, a refinery, a water treatment plant or a chemical plant.

Read more

Now that we are part of Lockheed Martin,  we will begin sharing their extensive cybersecurity expertise with our ICS cybersecurity community.  With over a decade of experience defending against the most advanced adversaries, Lockheed Martin has a wealth of knowledge and experience.  As the ICS community looks to expand their knowledge of overall cybersecurity, we invite you to learn more from Lockheed Martin’s experts on their next webinar: Securing Your Environment Against Advance Persistent ThreatsDetails and registration click here.

Read more

During our engagements we often hear many people say they are “air gapped” since their control system is not directly connected to the internet, or simply bury their heads in the sand about the problem. DHS released their quarterly newsletter (link to PDF, also copied below) that confirms a public utility was compromised and their control system was accessed. Actually, it states there were two seperate hacks, and both were by external adversaries on systems configured to allow remote access.

While remote access a necessity for many utilities (i.e.: allowing vendors to perform system maintenance without costly travel or due to an emergency), when DHS reviewed the logs they determined the systems were likely accessed previously - something that would have been picked up by most network intrusion detection systems. As DHS pointed out, "This incident highlights the need to evaluate security controls employed at the perimeter and ensure that potential intrusion vectors (ex: remote access) are configured with appropriate security controls, monitoring, and detection capabilities." 

Read more

This is a post in a series of posts about adapting Continuous Delivery concepts and tools to OT environments.

Read more

Microsoft has released vulnerability advisories in Internet Explorer that could allow remote execution (https://technet.microsoft.com/en-us/library/security/2963983.aspx). Microsoft is aware of limited, targeted attacks that attempt to exploit a vulnerability in Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11.

Read more

ICS-CERT continues to reach out to the vendor community to bring awareness of the OpenSSL vulnerability (CVE-2014-0160). Because OpenSSL may be used as a third-party component, ICS-CERT advises asset owners, operators, and SCADA software developers to investigate the use of the affected versions of OpenSSL in their environments.

Read more

The Forever Control Systems Technology Dilemma

Technologists who care about control system security are always in two worlds of dilemma.

Read more

ASM 5.6 adds a whole new level of interoperability with the security technologies that have been deployed to address vulnerabilities in control systems. ASM now collects data from a wide range of best-in-breed security technologies to provide the highest level of situational awareness for industrial control systems. Customers assert that using ASM has saved them 80% of the time it takes to identify, analyze, and report on their ICS cybersecurity and compliance activities.

Read more

After nearly 12-years of passion, perseverance, commitment and most importantly TEAM-WORK, today marks a monumental day in the company’s history with the announcement that we have reached an agreement to be acquired by Lockheed Martin. Read the press release.

Read more