Wednesday, December 11, 2019
  • Automate macOS® Deployment
  • Ransomware attack teaches value of prevention to East Greenwich town government
  • Trend Micro Looks to the Cloud for Security
  • Why Granular SharePoint Backup and Recovery is Important
  • Patch Tuesday, December 2019 Edition

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
  • Library

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Security Bloggers Network 

Home » Security Bloggers Network » ICS Cybersecurity: Visibility, Protective Controls, Continuous Monitoring – Wash, Rinse, Repeat

ICS Cybersecurity: Visibility, Protective Controls, Continuous Monitoring – Wash, Rinse, Repeat

by Gary DiFazio on September 26, 2018

As we have talked about in prior blogs, industrial cybersecurity is a journey. This is a journey that is never-ending, as control system technology advancements are adopting information technology (IT) and cloud-based solutions at a faster rate than ever before. At the same time, the threat landscape of malicious activity is constantly evolving. We now have malware like Industroyer that can communicate with industrial protocols and threats like Triton that are capable of targeting Safety Instrumented Systems (SIS).

What’s to be done in response to these threats? In other words…

What is your strategy?

Do you have an industrial cybersecurity strategy, or are you just rolling the dice?

It’s important to define what the overall goal should be for an organization’s industrial cybersecurity strategy. At the end of the day, the strategy needs to outline people, process and technology solutions that can help mitigate, lessen the impact of and/or help prevent industrial cybersecurity incidents, events which may affect one’s ability to view, monitor and control the industrial process.

As we defined a cyber event in one of my prior blogs earlier, these events can come from human error, equipment failure or malicious behavior.

How do you get started on this journey?

The following blogs from other Belden brands have succinctly addressed the following question “how do I get started?” Have a look: ICS Security: 3 Ways to Get Started and Getting Started on ICS and SCADA Security.

Both of the above understand cybersecurity risk assessments as a good first step. While this is a great recommendation, there are things you can proactively do in parallel to get started on this journey.

Control what you can control

While it may seem that securing an industrial control system is a daunting task, there are some fundamentals that you can (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Gary DiFazio. Read the original post at: https://www.tripwire.com/state-of-security/ics-security/ics-cybersecurity-visibility-protective-controls-continuous-monitoring/

September 26, 2018September 27, 2018 Gary DiFazio _NERC, ICS Security, PLC, SSH
  • ← What to Do and What to Avoid When Implementing Security in the DevOps Lifecycle
  • Venafi Retail Research: Will Holiday Shoppers be Duped By Look-alike Domains? →
Featured Blog

Enzoic

Automate Password Policy & NIST Password Guidelines

Enzoic

Enzoic Customer Profile: IDShield

Enzoic

Old vs. New Methods for Employee Password Hardening

Enzoic

Shop Safely This Cyber Monday

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

Apple Passive-Aggressive PR Sparks Privacy Fear (Yet Again)
The Role of Technology in the Modern SOC
Lack of Mobile Strategy Creates Security Holes
AWS Previews Cloud Security Advances
Predictions 2020: Data Security Next Year and Beyond
Top 25 Most Dangerous Vulnerabilities, Smart City Privacy, DuckDuckGo vs. Google
Deepfake: The AI Endangering Your Cybersecurity 
FBI announces $5 million bounty for information on Russian hackers behind Dridex attacks
Amazon Battles Leaky S3 Buckets with a New Security Tool
GUEST ESSAY: Addressing DNS, domain names and Certificates to improve security postures

Upcoming Webinars

There are no upcoming webinars at this time.

Download Free eBook

The Next Generation of Application Security

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

Predictions 2020: Data Security Next Year and Beyond
Cybersecurity Data Security Industry Spotlight Security Boulevard (Original) 

Predictions 2020: Data Security Next Year and Beyond

December 10, 2019 Ameesh Divatia | Yesterday 0
The Role of Technology in the Modern SOC
Cybersecurity Incident Response Industry Spotlight Security Boulevard (Original) 

The Role of Technology in the Modern SOC

December 9, 2019 Jason Mical | 2 days ago 0
Learning From Health Care’s IoT Security Strategy
Cybersecurity Industry Spotlight IoT & ICS Security Security Boulevard (Original) 

Learning From Health Care’s IoT Security Strategy

December 6, 2019 Mike Nelson | Dec 06 0

Top Stories

Apple Passive-Aggressive PR Sparks Privacy Fear (Yet Again)
Cybersecurity Endpoint Featured Mobile Security News Security Boulevard (Original) Spotlight Threats & Breaches 

Apple Passive-Aggressive PR Sparks Privacy Fear (Yet Again)

December 6, 2019 Richi Jennings | 4 days ago 0
StrandHogg Pwns 80% of Android Phones; Google Fiddles While Platform Burns
Cybersecurity Data Security Featured Malware Mobile Security News Security Awareness Security Boulevard (Original) Spotlight 

StrandHogg Pwns 80% of Android Phones; Google Fiddles While Platform Burns

December 3, 2019 Richi Jennings | Dec 03 0
TrueDialog Leaks 600GB of Personal Data, Affecting Millions
Cloud Security Cybersecurity Data Security Featured Governance, Risk & Compliance News Security Boulevard (Original) Spotlight 

TrueDialog Leaks 600GB of Personal Data, Affecting Millions

December 2, 2019 Richi Jennings | Dec 02 0

Security Humor

via   the comic delivery system monikered  Randall Munroe  at  XKCD !

XKCD, AI Hiring Algorithm

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy
  • DMCA Compliance Statement

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2019 MediaOps Inc. All rights reserved.
Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.