Tuesday, January 19, 2021
  • Better Security through the Security Development Lifecycle
  • Application Risk From 4 of Top 5 Vulnerability Attack Types Grows, .NET Applications Become Bigger Target for Attacks
  • Automate Silo Log Correlation With New Splunk Integration for SOCs
  • New Reolink P2P Vulnerabilities Show IoT Security Camera Risks
  • Quadrant Knowledge Solutions identifies Entrust as the “clear technology leader” in IoT IAM yet again

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
  • Library
  • Related Sites
    • MediaOps Inc.
    • DevOps.com
    • Container Journal
    • Digital Anarchist
    • SweetCode.io
  • Media Kit

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Security Bloggers Network 

Home » Security Bloggers Network » Visibility: An Essential Component of Industrial Cyber Security

Visibility: An Essential Component of Industrial Cyber Security

by Gary DiFazio on June 27, 2018

As more and more devices are connected to the process control network, there are more and more risks related to potential impacts from industrial cyber security events, some of which may not even be targeted against industrial control systems (ICS).

For instance, WannaCry ransomware actually shut down entire plants without that being its primary objective. Is this a risk you can ignore?

What is an industrial cyber security event?

An industrial cyber security event is anything that can negatively impact the ability to view, monitor and control the industrial process. Such situations can come from human error, equipment failure, or malicious activity.

Are we taking the necessary precautions to help mitigate the potential impact of a cyber security event?

We need to be cognizant that “what is a good cyber security control or best practice (configuration management), will also be a good operational control.” This means that the best practices we can perform to mitigate risk for industrial cyber security events will also be effective controls for ensuring operational uptime or availability.

They will also give us the ability to reduce the mean time to repair (MTTR) for operational and cyber security event outages when, not if, they happen.

What are you doing to increase your industrial cyber security?

There are no shortcuts. Industrial cyber security is a journey that never ends, for the threat landscape is always changing as technology within control systems keeps advancing. There are, however, fundamental measures that we need to take.

First, make cyber security part of the industrial network design cycle. If we make this part of the design, we will make sure cyber security event risk reduction is taken from the start versus trying to bolt on industrial cyber security controls after a control system is deployed.

One other step we (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Gary DiFazio. Read the original post at: https://www.tripwire.com/state-of-security/ics-security/visibility-an-essential-component-of-industrial-cyber-security/

June 27, 2018June 28, 2018 Gary DiFazio Featured Articles, Human Error, ICS Security, WannaCry
  • ← Will Dropping Serialization from Java Remove the Vulnerabilities?
  • Hydroelectric Dams and ICS Security →

TechStrong TV – Live

Watch latest episodes and shows
Featured Blog

Eric Kedrosky

The Future of Multi-Cloud Security: A Look Ahead at Intelligent Cloud Security Posture Management Solutions

Pam Sornson, JD – Contributed Writer

IAM Best Practices For DevOps

Eric Kedrosky

Identity Risk: Identifying a Misconfigured IAM Trust Policy

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

Soon, Quantum Computing Could Break Your Encryption
Revealed: Sophisticated ‘Watering Hole’ Attack – But By Whom?
Your Quantum-Safe Migration Journey Begins with a Single Step
Managing Identities and Entitlements to Secure the Public Cloud 
Capitol Rioters ID’ed With Help From Dating Apps
Amanda Gorman: “The Hill We Climb” to be Biden’s Inaugural Poem
How Are Cybercriminals Stealing Business Data?
Security as Code: Why It’s Important and What You Need to Know
People, Process and Technology: Six Best Practices for Cloud Least Privilege
DDoS Response Guide

Upcoming Webinars

Wed 20

Vulnerability Discovery in the Cloud

January 20 @ 3:00 pm - 4:00 pm
Thu 21

Next Generation Vulnerability Assessment Using Datadog and Snyk

January 21 @ 1:00 pm - 2:00 pm
Mon 25

Security Challenges and Opportunities of Remote Work

January 25 @ 1:00 pm - 2:00 pm
Tue 26

Preventing Code Tampering & Verifying Integrity Across Your SDLC

January 26 @ 1:00 pm - 2:00 pm
Thu 28

Protecting Cloud-Native Apps and APIs in Kubernetes Environments

January 28 @ 1:00 pm - 2:00 pm
Feb 03

Too Close to the Sun(burst): A Supply Chain Compromise

February 3 @ 11:00 am - 12:00 pm
Feb 04

Lessons from the FinTech Trenches: Securing APIs at Finastra

February 4 @ 3:00 pm - 4:00 pm
Feb 10

Finding Vulnerabilities in Your Cloud Native Applications Before They Find You!

February 10 @ 11:00 am - 12:00 pm
Feb 11

How to Merge AppSec and DevOps Effectively for the Good of Software

February 11 @ 3:00 pm - 4:00 pm
Feb 17

Finding and Preventing Secrets in Code

February 17 @ 3:00 pm - 4:00 pm

More Webinars

Download Free eBook

Managing the AppSec Toolstack

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

Bringing Source Code Security Up to Speed
Application Security Cybersecurity Identity & Access Industry Spotlight Security Boulevard (Original) 

Bringing Source Code Security Up to Speed

January 19, 2021 Dor Atias | Yesterday 0
Hackers Calling Fair Game on Healthcare Institutions
CISO Suite Cybersecurity Data Security Governance, Risk & Compliance Industry Spotlight Security Boulevard (Original) Threat Intelligence 

Hackers Calling Fair Game on Healthcare Institutions

January 18, 2021 Caleb Barlow | 1 day ago 0
Your Quantum-Safe Migration Journey Begins with a Single Step
CISO Suite Cybersecurity Data Security Industry Spotlight Security Boulevard (Original) Threats & Breaches 

Your Quantum-Safe Migration Journey Begins with a Single Step

January 15, 2021 Paul Lucier | 4 days ago 0

Top Stories

Capitol Rioters ID’ed With Help From Dating Apps
Cyberlaw Cybersecurity Featured Incident Response Mobile Security News Security Awareness Security Boulevard (Original) Social Engineering Spotlight Threat Intelligence 

Capitol Rioters ID’ed With Help From Dating Apps

January 18, 2021 Richi Jennings | 1 day ago 0
Revealed: Sophisticated ‘Watering Hole’ Attack – But By Whom?
Analytics & Intelligence Cybersecurity Featured Incident Response Malware Mobile Security News Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Revealed: Sophisticated ‘Watering Hole’ Attack – But By Whom?

January 15, 2021 Richi Jennings | 4 days ago 0
Hackers Didn’t Only Use SolarWinds to Break In, Says CISA
Analytics & Intelligence Application Security Cloud Security Cyberlaw Cybersecurity Data Security Featured Incident Response Malware Network Security News Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Hackers Didn’t Only Use SolarWinds to Break In, Says CISA

January 11, 2021 Richi Jennings | Jan 11 0

Security Humor

via     the comic delivery system monikered   Randall Munroe   resident at   XKCD  !

XKCD ‘Pulsar Analogy’

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy
  • DMCA Compliance Statement

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2021 MediaOps Inc. All rights reserved.
Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.