Tuesday, January 22, 2019
  • Add Trust to Your Supply Chain
  • French GDPR Committee Fines Google $57M | Avast
  • The Evolution of Cyber Defenses, Attacks and Vulnerabilities in 2019
  • January Newsletter: New Year, New Features, and More from JumpCloud
  • XKCD, Models Of The Atom (Over Time)

Security Boulevard

The home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chats
    • CISO Conversations
  • Library

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
Security Bloggers Network 

Home » Security Bloggers Network » ICS Cybersecurity: Visibility, Protective Controls, Continuous Monitoring – Wash, Rinse, Repeat

ICS Cybersecurity: Visibility, Protective Controls, Continuous Monitoring – Wash, Rinse, Repeat

by Gary DiFazio on September 26, 2018

As we have talked about in prior blogs, industrial cybersecurity is a journey. This is a journey that is never-ending, as control system technology advancements are adopting information technology (IT) and cloud-based solutions at a faster rate than ever before. At the same time, the threat landscape of malicious activity is constantly evolving. We now have malware like Industroyer that can communicate with industrial protocols and threats like Triton that are capable of targeting Safety Instrumented Systems (SIS).

What’s to be done in response to these threats? In other words…

What is your strategy?

Do you have an industrial cybersecurity strategy, or are you just rolling the dice?

It’s important to define what the overall goal should be for an organization’s industrial cybersecurity strategy. At the end of the day, the strategy needs to outline people, process and technology solutions that can help mitigate, lessen the impact of and/or help prevent industrial cybersecurity incidents, events which may affect one’s ability to view, monitor and control the industrial process.

As we defined a cyber event in one of my prior blogs earlier, these events can come from human error, equipment failure or malicious behavior.

How do you get started on this journey?

The following blogs from other Belden brands have succinctly addressed the following question “how do I get started?” Have a look: ICS Security: 3 Ways to Get Started and Getting Started on ICS and SCADA Security.

Both of the above understand cybersecurity risk assessments as a good first step. While this is a great recommendation, there are things you can proactively do in parallel to get started on this journey.

Control what you can control

While it may seem that securing an industrial control system is a daunting task, there are some fundamentals that you can (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Gary DiFazio. Read the original post at: https://www.tripwire.com/state-of-security/ics-security/ics-cybersecurity-visibility-protective-controls-continuous-monitoring/

September 26, 2018September 27, 2018 Gary DiFazio _NERC, ICS Security, PLC, SSH
  • ← What to Do and What to Avoid When Implementing Security in the DevOps Lifecycle
  • Venafi Retail Research: Will Holiday Shoppers be Duped By Look-alike Domains? →

Predict 2019 Virtual Summit

Featured Blog

Fortinet All Blogs

A Layered Approach to Cybersecurity: People, Processes, and Technology

Fortinet All Blogs

The Security Implications for 5G and IoT

Fortinet All Blogs

Fighting the Evolution of Malware

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

Government, E-commerce Sites Hacked Through Database Tool
Client Applications: A Hacker’s Easiest Target?
PKI Deployment: The Top 10 Definitive Answers
Investment Dollars Pour into Cybersecurity as Vendor Fatigue Rises
Fortnite Attack Allowed Taking Over Player Accounts
10 Internet security tips to make 2019 your most cyber secure year ever
Why Cloud Identity Management for SMBs
The Story: Vermont State Official Proves Carrier Claims Of Coverage Are Hogwash
Are You Protected Against the 5 Top Healthcare Cyber Threats?
Wolf Halton on what’s changed in tech and where we are headed

Upcoming Webinars

Mon 28

Next-Generation Cybersecurity

January 28 @ 1:00 pm - 2:00 pm

More Webinars

Download Free eBook

Securing the Code: DevOps Security and AppSec

CISO/Security Vendor Relationship Series

CISO/Security Vendor Relationship Podcast

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

What Security Teams Can Learn from Google’s ‘Infrastructure First’ Approach
Cybersecurity Industry Spotlight Network Security Security Boulevard (Original) 

What Security Teams Can Learn from Google’s ‘Infrastructure First’ Approach

January 21, 2019 Mark Ferlatte | Yesterday 0
Client Applications: A Hacker’s Easiest Target?
Cybersecurity DevOps Industry Spotlight Security Boulevard (Original) 

Client Applications: A Hacker’s Easiest Target?

January 18, 2019 Bill Horne | 3 days ago 0
PKI Deployment: The Top 10 Definitive Answers
Cybersecurity Data Security Industry Spotlight Network Security Security Boulevard (Original) 

PKI Deployment: The Top 10 Definitive Answers

January 17, 2019 Mark B. Cooper | 4 days ago 0

Top Stories

Government, E-commerce Sites Hacked Through Database Tool
Data Security DevOps Featured News Security Boulevard (Original) Spotlight Vulnerabilities 

Government, E-commerce Sites Hacked Through Database Tool

January 18, 2019 Lucian Constantin | 3 days ago 0
Fortnite Attack Allowed Taking Over Player Accounts
Application Security Data Security DevOps Featured Identity & Access News Security Boulevard (Original) Spotlight Vulnerabilities 

Fortnite Attack Allowed Taking Over Player Accounts

January 17, 2019 Lucian Constantin | 4 days ago 0
Barracuda Networks Embeds Incident Management in Email Security Suite
Cybersecurity Featured Incident Response News Security Boulevard (Original) Social Engineering Spotlight 

Barracuda Networks Embeds Incident Management in Email Security Suite

January 17, 2019 Michael Vizard | 4 days ago 0

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2019 MediaOps Inc. All rights reserved.
Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.