Home » Cybersecurity » Threats & Breaches » Vulnerabilities » ICS Security in a Nutshell: Common Challenges and How Tripwire Can Help Overcome Them

ICS Security in a Nutshell: Common Challenges and How Tripwire Can Help Overcome Them

Industrial control systems (ICS) first proliferated at a time when cybersecurity didn’t weigh heavily on organizations’ minds. Since then, there have been two significant developments in the industry. First, cybersecurity has become a mission-critical concern for businesses everywhere. Second, there’s been a shift to new network technologies that improve data collection, efficiency and time-to-market.

These events have introduced new cybersecurity risk into organizations’ operational technology (OT) environments. On the one hand, the design and configuration of many industrial control systems oftentimes contradict best security practices. Many ICS are purpose-built and proprietary. This makes them out-of-sync with modern cybersecurity standards. Additionally, organizations at one point in time configured their ICS in a flat system, meaning each device had access to other assets. That setup might have worked 20 years ago, but nowadays in a flat system, a malware attack against one device could give cybercriminals free reign of the network.

On the other hand, ICS are no longer isolated from other assets. They are increasingly enmeshed with IT business infrastructure and devices. This IT-OT convergence multiplies the risk of their command and control functions being compromised by cyber adversaries.

So what are organizations to do? How can they best overcome these challenges of securing their industrial control systems?

The first step to ICS security is realizing what organizations have installed on their networks. Maintaining an accurate hardware, firmware and software inventory is paramount if they want to protect their systems from cyber attacks. The inventory of components that make up their control system must also be updated over time as new assets are added.

Organizations can initiate asset inventory by inspecting their network to identify what’s attached to it. Passive asset discovery solutions are essential to this process, as they provide accurate network topology without impacting operations within traffic-sensitive OT environments. (Read more...)