Industrial Control System Cybersecurity


Industrial Control System Cybersecurity: Buyer's Top 10 Guide

Introduction

The purpose of this guide is to provide you with high-level questions to ask of any prospective vendor looking to secure your industrial control systems (ICS). It will provide you a path to determine critical information about the vendor's ability to offer a successful ICS security solution. By asking the following 10 questions, you will better understand if the vendor offering meets your ICS security requirements.

When looking to secure and maintain your control system it is essential to understand:

Why Answers to these Questions Matter: Make an informed decision around the services and features required to properly secure your ICS.

What to Look for in the Answers: Comprehensive responses with details and examples of successful implementations.

Potential Pitfalls: Every vendor has strengths and weaknesses, and these answers help you pinpoint the potential weaknesses.

Question 1: How do you detect and protect against an ICS security threat?

Why it Matters: Monitoring, defending, and remediating against risks and threats throughout your network prevents downtime and loss of control, even against physical anomalies like squirrels, jellyfish, or birds.

What to Look For: A vendor that can baseline your environment by detecting and alerting you to anomalies that can cause system failure such as malicious security threats or human error, provide continuous monitoring for your ICS environment down to the control of physical processes, and offer robust forensic analysis after an attack to drive rapid remediation.

Potential Pitfalls: A vendor offering single, point-in-time security focused on a single type of threat, fragmented one-off security projects that create vulnerabilities in your system, and lacking an Intrusion Prevention System (IPS) for threat detection.

Question 2: How do you participate in ICS standards creation, research and industry training?

Why it Matters: Adhering to ICS standards with up-to-date products, policies, and procedures ensures you won't implement an inefficient security solution that doesn't drive compliance.

What to Look For: A vendor that is involved in the security community and leads the development of new standards, is aware of new policies, procedures, system designs, training and threat reports, and is a member of the International Society for Automation (ISA).

Potential Pitfalls: A vendor that does not participate in the ISA or adhere to most current standards, leaves your team the burden of understanding and implementing standards, and offers a solution that won't drive compliance or adjust to frequently-changing standards.

Question 3: How do you secure each boundary level of an ICS network?

Why it Matters: Applying a strategy to secure every level of your ICS network prevents disjointed solutions and insufficient levels of security.

What to Look For: A vendor with a portfolio of integrated physical security and cybersecurity solutions, the ability to apply passive and active security levels within a single environment, and solutions that address the specific security needs of each boundary level.

Potential Pitfalls: A vendor that provides unnecessary security levels for your system, lacks integration with your current architecture, and offers point-security solutions that can't communicate with other systems.

Question 4: How is your industrial hardware manufactured and supported?

Why it Matters: Employing compatible, supportable, and flexible hardware from a vendor with design and support expertise is vital to avoid unnecessary network traffic and implementation issues from a poorly designed system.

What to Look For: A vendor with industrial design experience, support from design engineers that have extensive knowledge of the software, hardware components, and any impacts they may have on your system, and tested, lasting hardware.

Potential Pitfalls: A vendor with generic, original-device-manufacturer (ODM) hardware, unintelligent hardware designs with excessive functions that cause latency, installed hardware with unusable features, and hardware without longevity or support options.

Question 5: How does your security help drive broader business outcomes?

Why it Matters: Maintaining the same standards of availability while securing your ICS is critical to achieve the increased connectivity required for an IoT network and drive the digital transformation of your architecture.

What to Look For: A vendor that offers industry-leading security and knowledge and has a broad services portfolio and partner ecosystem that can: drive compliance, increase business visibility, create innovative business processes and policies, lower costs, reduce risk management on systems and the environment, decrease threat remediation time, and enable consistent management across physical and virtual environments.

Potential Pitfalls: A vendor that lacks the knowledge and tools to effectively manage risk across your environment, provides a superficial, non-holistic view of your security requirements, and increases operating costs and management resources.

Question 6: How does your solution integrate with other IT and OT products and services you offer?

Why it Matters: Integrating IT and OT security products and services decreases the likelihood of introducing vulnerabilities and gaps into your system.

What to Look For: A vendor committed to delivering fully-integrated products and services, working closely with an integrated partner ecosystem to offer a robust security portfolio, and providing a single source for management and decision making without introducing risk.

Potential Pitfalls: A vendor with multiple point solutions that create disjointed security policies and management layers, a lack of integration processes that leave you with additional costs, and poor system visibility for decision making related to risk management and compliance.

Question 7: What types of visibility does your solution offer into an ICS?

Why it Matters: Gaining full visibility into every zone and segment of your ICS enables you to defend against risks and threats that go undetected through different layers.

What to Look For: A vendor that provides baseline asset discovery/inventory to determine the machines, network devices, and products that exist in different zones, offers passive discovery and inventory capabilities that quantify risk and residual risk, and enables remediation against signatureless threats when they hit your system.

Potential Pitfalls: A vendor offering a flat network without zones and segments to differentiate your system, no firewalls or protection between different zones and segments, and manual asset discovery limited to the control system and manufacturing operations system layers.

Question 8: Can you describe the full range of security provided by your solutions at the IT and OT interconnect?

Why it Matters: Establishing network requirements and management processes through IT and OT convergence preserves the existing availability standards and improves your security.

What to Look For: A vendor that aligns IT and OT strategies and processes for visibility, enables secure communication between IT and OT systems, and helps you implement IEC-62443/ISA99 standards to secure your ICS.

Potential Pitfalls: A vendor that is unaware of key differences between IT and OT requirements, provides limited communication between IT and OT organizations leading to vulnerabilities in your system, and increases latency from unnecessary features such as spam protection for a system without e-mail.

Question 9: What authentication and authorization protocols do you implement for network access?

Why it Matters: Utilizing a comprehensive set of authorization policies and protocols lowers your risk by keeping out unknown or unwanted entities, without impacting operations.

What to Look For: A vendor that provides context-aware identity management based on identity, location, and access history, allows you to streamline service operations by establishing specific standards throughout the network, and empowers you to make proactive governance decisions by tying identities to network elements.

Potential Pitfalls: A vendor offering limited network connectivity for access control, lack of an identity database and allowed protocols for your ICS, and inflexible rule definitions for granting access to segments of the network, applications, or services simply on authentication results.

Question 10: How do you know that your security solution will successfully integrate with my network architecture?

Why it Matters: Implementing a solution that integrates seamlessly with your existing systems helps you avoid introducing unknowns and unintended consequences, or creating new vulnerabilities.

What to Look For: A vendor offering a tested and validated solution put through rigorous analysis and exposure to threats, comprehensive documentation around the implementation of security measures in your environment, multiple types of support and services for applying the security solution, and deep understanding of the ICS environment and what is required to secure it.

Potential Pitfalls: A vendor that doesn't know their solution will be successful in your environment before implementation, can't offer multiple levels of support and services to run the solution, and doesn't work with a robust partner ecosystem to secure an ICS.

2016 Cisco and/or its affiliates. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)