ICS Cybersecurity: Visibility, Protective Controls, Continuous Monitoring – Wash, Rinse, Repeat - Security Boulevard
Thursday, May 13, 2021
  • A BIGGER SHARE OF VULNERABILITIES WERE SERIOUS IN THE FIRST TWO MONTHS OF THE YEAR
  • Inside BNP Paribas’ Digital Banking Innovation: Cloud, Data, AI
  • 10 Exploits Cybersecurity Professionals are Concerned About
  • End-to-End IoT Device Security: What You Need to Know
  • Four compliance considerations for government bidding

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Events
    • Upcoming Events
    • Upcoming Webinars
    • On-Demand Events
    • On-Demand Webinars
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
  • Library
  • Related Sites
    • MediaOps Inc.
    • DevOps.com
    • Container Journal
    • Digital Anarchist
    • SweetCode.io
  • Media Kit

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Security Bloggers Network 

Home » Security Bloggers Network » ICS Cybersecurity: Visibility, Protective Controls, Continuous Monitoring – Wash, Rinse, Repeat

ICS Cybersecurity: Visibility, Protective Controls, Continuous Monitoring – Wash, Rinse, Repeat

by Gary DiFazio on September 26, 2018

As we have talked about in prior blogs, industrial cybersecurity is a journey. This is a journey that is never-ending, as control system technology advancements are adopting information technology (IT) and cloud-based solutions at a faster rate than ever before. At the same time, the threat landscape of malicious activity is constantly evolving. We now have malware like Industroyer that can communicate with industrial protocols and threats like Triton that are capable of targeting Safety Instrumented Systems (SIS).

Christopher Krebs, former director of the U.S. Cybersecurity and Infrastructure Security Agency talk about the very real security threat disinformation can cause. Live at DevOps Connect 2021 on May 19.

What’s to be done in response to these threats? In other words…

What is your strategy?

Do you have an industrial cybersecurity strategy, or are you just rolling the dice?

It’s important to define what the overall goal should be for an organization’s industrial cybersecurity strategy. At the end of the day, the strategy needs to outline people, process and technology solutions that can help mitigate, lessen the impact of and/or help prevent industrial cybersecurity incidents, events which may affect one’s ability to view, monitor and control the industrial process.

As we defined a cyber event in one of my prior blogs earlier, these events can come from human error, equipment failure or malicious behavior.

How do you get started on this journey?

The following blogs from other Belden brands have succinctly addressed the following question “how do I get started?” Have a look: ICS Security: 3 Ways to Get Started and Getting Started on ICS and SCADA Security.

Both of the above understand cybersecurity risk assessments as a good first step. While this is a great recommendation, there are things you can proactively do in parallel to get started on this journey.

Control what you can control

While it may seem that securing an industrial control system is a daunting task, there are some fundamentals that you can (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Gary DiFazio. Read the original post at: https://www.tripwire.com/state-of-security/ics-security/ics-cybersecurity-visibility-protective-controls-continuous-monitoring/

September 26, 2018September 27, 2018 Gary DiFazio _NERC, ICS Security, PLC, SSH
  • ← What to Do and What to Avoid When Implementing Security in the DevOps Lifecycle
  • Venafi Retail Research: Will Holiday Shoppers be Duped By Look-alike Domains? →

TechStrong TV – Live

Watch latest episodes and shows

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

Of Pipelines And Cybersecurity
Colonial Pipeline FAIL: Ransomware Gang Threatens Gas Supplies
Beyond MFA: Adding Context For Secure Access
The Perils of a Running Start: Can You Skip SOC 2 Type 1?
Federal Court Permits Warrantless Device Searches at Border
OT and IoT Security: Adopt a Post-Breach Mindset Today
Security News In Review: PyInstaller, Cloud Frameworks, and Scripps (Oh My)
Ransomware attack leads to shutdown of major U.S. pipeline system
Ransomware Attack Shuts Down Fuel Pipeline Supplying the East Coast
Using the new Plot Javascript Exploratory Visualization Library Sans-Observable

Upcoming Webinars

Thu 13

Container Live-Hack: Managing Container Vulnerabilities in Amazon ECR and Amazon EKS

May 13 @ 11:00 am - 12:00 pm
Mon 17

Are We There Yet? The State of Cloud Native Application Security

May 17 @ 9:00 am - 10:00 am
Thu 20

Open Source Risk Management in the Financial Sector

May 20 @ 11:00 am - 12:00 pm
Tue 25

Your Data Has Moved to the Cloud. Has Your Security Stack?

May 25 @ 11:00 am - 12:00 pm
Tue 25

Accelerate Threat Detection on AWS Cloud and Containers

May 25 @ 1:00 pm - 2:00 pm
Wed 26

How AI & Shift Left Can Help Transform Your Enterprise Testing

May 26 @ 3:00 pm - 4:00 pm

More Webinars

Download Free eBook

Managing the AppSec Toolstack

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

Lessons in Securing Development Environments
Application Security Cybersecurity Endpoint Incident Response Industry Spotlight Network Security Security Boulevard (Original) Threats & Breaches Vulnerabilities 

Lessons in Securing Development Environments

May 12, 2021 Eran Orzel | Yesterday 0
The Perils of a Running Start: Can You Skip SOC 2 Type 1?
CISO Suite Cybersecurity Governance, Risk & Compliance Industry Spotlight Security Boulevard (Original) 

The Perils of a Running Start: Can You Skip SOC 2 Type 1?

May 10, 2021 Justin Beals | 2 days ago 0
Passwords a Threat to Public Infrastructure
Application Security CISO Suite Cybersecurity Governance, Risk & Compliance Identity & Access Industry Spotlight Security Boulevard (Original) 

Passwords a Threat to Public Infrastructure

May 6, 2021 Raz Rafaeli | May 06 0

Top Stories

Rail Firm Staff Fail ‘Bonus’ Phishing Test, Chaos Ensues
Application Security Cyberlaw Cybersecurity Data Security Endpoint Featured Governance, Risk & Compliance Identity & Access Malware Network Security News Security Awareness Security Boulevard (Original) Social Engineering Spotlight Threats & Breaches 

Rail Firm Staff Fail ‘Bonus’ Phishing Test, Chaos Ensues

May 12, 2021 Richi Jennings | Yesterday 0
DarkSide Offered Ransomware-as-a-Service Before Pipeline Attack
Analytics & Intelligence Cloud Security Cybersecurity Data Security Featured Incident Response Malware News RSA RSAC Security Boulevard (Original) Spotlight Threat Intelligence Vulnerabilities 

DarkSide Offered Ransomware-as-a-Service Before Pipeline Attack

May 12, 2021 Teri Robinson | Yesterday 0
Ransomware Attacks on Municipalities Continue
Featured Governance, Risk & Compliance Incident Response Malware News Security Boulevard (Original) Spotlight 

Ransomware Attacks on Municipalities Continue

May 12, 2021 Christopher Burgess | Yesterday 0

Security Humor

via the comic delivery system monikered Randall Munroe resident at XKCD!

XKCD ’90’s Kid Space Program’

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: [email protected]

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy
  • DMCA Compliance Statement

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2021 MediaOps Inc. All rights reserved.
Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.