Saturday, October 20, 2018
  • Election interference from Uber and Lyft
  • Foundation of PCI Compliance: Identity Management
  • The Joy of Tech®’s ‘Portal’
  • 10 Proven Security Awareness Tips to Implement Now
  • Fighting mobile banking threats with threat intelligence | Avast

Security Boulevard

The home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chats
    • CISO Conversations
  • Library

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
Security Bloggers Network 

Home » Security Bloggers Network » ICS Cybersecurity: Visibility, Protective Controls, Continuous Monitoring – Wash, Rinse, Repeat

ICS Cybersecurity: Visibility, Protective Controls, Continuous Monitoring – Wash, Rinse, Repeat

by Gary DiFazio on September 26, 2018

As we have talked about in prior blogs, industrial cybersecurity is a journey. This is a journey that is never-ending, as control system technology advancements are adopting information technology (IT) and cloud-based solutions at a faster rate than ever before. At the same time, the threat landscape of malicious activity is constantly evolving. We now have malware like Industroyer that can communicate with industrial protocols and threats like Triton that are capable of targeting Safety Instrumented Systems (SIS).

What’s to be done in response to these threats? In other words…

What is your strategy?

Do you have an industrial cybersecurity strategy, or are you just rolling the dice?

It’s important to define what the overall goal should be for an organization’s industrial cybersecurity strategy. At the end of the day, the strategy needs to outline people, process and technology solutions that can help mitigate, lessen the impact of and/or help prevent industrial cybersecurity incidents, events which may affect one’s ability to view, monitor and control the industrial process.

As we defined a cyber event in one of my prior blogs earlier, these events can come from human error, equipment failure or malicious behavior.

How do you get started on this journey?

The following blogs from other Belden brands have succinctly addressed the following question “how do I get started?” Have a look: ICS Security: 3 Ways to Get Started and Getting Started on ICS and SCADA Security.

Both of the above understand cybersecurity risk assessments as a good first step. While this is a great recommendation, there are things you can proactively do in parallel to get started on this journey.

Control what you can control

While it may seem that securing an industrial control system is a daunting task, there are some fundamentals that you can (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Gary DiFazio. Read the original post at: https://www.tripwire.com/state-of-security/ics-security/ics-cybersecurity-visibility-protective-controls-continuous-monitoring/

September 26, 2018September 27, 2018 Gary DiFazio 0 Comments _NERC, ICS Security, PLC, SSH
  • ← What to Do and What to Avoid When Implementing Security in the DevOps Lifecycle
  • Does Your Biometric and Behavioral Biometric Data Meet Data Privacy Compliances? →
Featured Blog

Fortinet All Blogs

An Analysis of Microsoft Edge Chakra JavascriptArray TypeId Handling Memory Corruption (CVE-2018-8467)

Fortinet All Blogs

Using Location Analytics to Improve Your Business

Fortinet All Blogs

The Need for Fast and Accurate Threat Intelligence

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

Five Eyes Cybersecurity Agencies Release Report on Hacking Tools
5 Tips to Ensure a Secure Cloud Migration
Microsoft’s JET Vulnerability Patch Incomplete, Researchers Say
ACT Quickly to Ensure Data Security
Spyware Pushers Modify Equation Editor Exploit to Bypass AV Detection
Cyber Thieves Steal Millions from Mexican Banks
Artificial Intelligence and Machine Learning: The Most Effective Weapons Against Ransomware
Maintaining a Pulse: Ransomware in the Healthcare Sector
How to check if your Facebook account was hacked and what the hackers have on you
Best RADIUS Server

Upcoming Webinars

Mon 29

Seeing Red: Understanding Red Team Security

October 29 @ 1:00 pm - 2:00 pm
Wed 31

Beyond S3 Buckets – Effective Countermeasures for Emerging Cloud Threats

October 31 @ 11:00 am - 12:00 pm
Nov 07

Operationalizing Data For Fraud Investigations

November 7 @ 1:00 pm - 2:00 pm
Nov 29

Cloud Security: What You Need to Know

November 29 @ 1:00 pm - 2:00 pm

More Webinars

Download Free eBook

One Year Later - Lessons Learnt From The Equifax Breach

CISO/Security Vendor Relationship Series

CISO/Security Vendor Relationship Podcast

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

6 DevOps Security Challenges to Overcome
Cybersecurity DevOps Industry Spotlight Security Boulevard (Original) 

6 DevOps Security Challenges to Overcome

October 19, 2018 Gilad David Maayan | Yesterday 0
Keeping Data on a Short Leash to Avoid Breaches
Cybersecurity Data Security Industry Spotlight Security Boulevard (Original) 

Keeping Data on a Short Leash to Avoid Breaches

October 18, 2018 Bill Alderson | 1 day ago 0
Making Sense of the Senseless AI in Cybersecurity
Analytics & Intelligence Cybersecurity Industry Spotlight Security Boulevard (Original) 

Making Sense of the Senseless AI in Cybersecurity

October 17, 2018 Dustin Hillard | 2 days ago 0

Top Stories

New Attacks Reuse Malware Code from Dormant APT1
Endpoint Featured Malware News Security Boulevard (Original) Threat Intelligence Threats & Breaches 

New Attacks Reuse Malware Code from Dormant APT1

October 19, 2018 Lucian Constantin | Yesterday 0
BlackEnergy Successor Hits Energy Companies Since 2015
Endpoint Featured IoT & ICS Security Malware News Security Boulevard (Original) Spotlight 

BlackEnergy Successor Hits Energy Companies Since 2015

October 18, 2018 Lucian Constantin | 1 day ago 0
Spyware Pushers Modify Equation Editor Exploit to Bypass AV Detection
Data Security Featured Malware News Security Boulevard (Original) Spotlight Threats & Breaches 

Spyware Pushers Modify Equation Editor Exploit to Bypass AV Detection

October 17, 2018 Lucian Constantin | 2 days ago 0

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2018 Mediaops Inc. All rights reserved.
Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.