Using Visibility to Navigate the Evolving Role of ICS Security - Security Boulevard
Tuesday, May 11, 2021
  • The Importance of Code Signing in the Software Supply Chain
  • What are the Different Types of SSL Certificates Available?
  • Bad Ending for Washington, D.C.’s Metropolitan Police Department (MPD) after a Ransomware Attack
  • CPDP 2021 – Moderator: Pieter Van Cleynenbreugel ‘Automated Decision-Making: Towards Effective Remedies In A Changing World?’
  • New report: Application fraud is a serious threat to financial institutions

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Events
    • Upcoming Events
    • Upcoming Webinars
    • On-Demand Events
    • On-Demand Webinars
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
  • Library
  • Related Sites
    • MediaOps Inc.
    • DevOps.com
    • Container Journal
    • Digital Anarchist
    • SweetCode.io
  • Media Kit

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Security Bloggers Network 

Home » Security Bloggers Network » Using Visibility to Navigate the Evolving Role of ICS Security

Using Visibility to Navigate the Evolving Role of ICS Security

by David Bisson on April 25, 2019

The current security state of industrial control systems (ICS) is a perplexing one. On the one hand, Kaspersky Lab found in a recent report that a majority of organizations (75 percent) regard ICS security as a major priority. On the other hand, organizations aren’t implementing the proper safeguards to secure their industrial control systems. The Kaspersky study uncovered that many organizations (67 percent) still aren’t compliant with mandatory industry or government guidance surround ICS security, for instance, while 10 percent of organizations still don’t measure the number of incidents and breaches that they’ve experienced.

Clearly, organizations have not sufficiently protected their ICS infrastructure. Such neglect has left many industrial environments vulnerable to an industrial digital security event. Caused by human error, equipment failure or malicious activity, an industrial digital security event weakens an organization’s ability to view, monitor and control their industrial processes. Such an incident can cause vital systems to malfunction and thereby jeopardize the public’s safety.

Vulnerability and Visibility: The Two “V’s” of ICS Security

Fortunately, there’s a path for organizations to strengthen the security of their industrial control systems. It involves confronting the two “v’s” of ICS security: vulnerability and visibility.

Vulnerability

First, organizations must address the vulnerabilities that affect their ICS assets. This is an important step in the ICS security process, as industrial organizations tend to retain their assets and controls past these technologies’ average lifecycle of 15 years. By keeping them on, industrial organizations invite digital attackers to leverage these older, vulnerable devices in order to gain access to their networks and compromise their industrial processes.

Organizations need to mitigate vulnerabilities that affect their industrial assets wherever possible. All things considered, creating a robust vulnerability management program is a good place to start. Industrial organizations should make sure they extend this program across their (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/ics-security/using-visibility-navigate-role-ics-security/

April 25, 2019April 26, 2019 David Bisson ICS Security
  • ← RSA Conference 2019: Questions, Comments, Concerns?
  • Stripe updates its product stack to prepare European businesses for SCA-compliance →

TechStrong TV – Live

Watch latest episodes and shows

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

The Security Industry is Protecting the Wrong Thing
Very Many Qualcomm Phone Chips Hiding Very Nasty Vulnerability
Protecting Collaboration Channels for Remote Work
Enterprises in the Crosshairs of Nation-State Attacks
Despite MDM, Financial Services Plagued by Phishing, Malware
What Cybersecurity Standards and Frameworks Should You Adopt Next?
An In-Depth analysis of the new Taurus Stealer
OT and IoT Security: Adopt a Post-Breach Mindset Today
Fake Covid-19 Test Results Stifle Travel | Avast
Achieving PCI DSS Compliant Firewalls within a Small Business

Upcoming Webinars

Wed 12

The COVID-19 Conundrum: Deep Dive into Cloud Threats

May 12 @ 3:00 pm - 4:00 pm
Thu 13

Container Live-Hack: Managing Container Vulnerabilities in Amazon ECR and Amazon EKS

May 13 @ 11:00 am - 12:00 pm
Mon 17

Are We There Yet? The State of Cloud Native Application Security

May 17 @ 9:00 am - 10:00 am
Thu 20

Open Source Risk Management in the Financial Sector

May 20 @ 11:00 am - 12:00 pm
Tue 25

Your Data Has Moved to the Cloud. Has Your Security Stack?

May 25 @ 11:00 am - 12:00 pm
Tue 25

Accelerate Threat Detection on AWS Cloud and Containers

May 25 @ 1:00 pm - 2:00 pm
Wed 26

How AI & Shift Left Can Help Transform Your Enterprise Testing

May 26 @ 3:00 pm - 4:00 pm

More Webinars

Download Free eBook

The State of Cloud Native Security 2020

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

The Perils of a Running Start: Can You Skip SOC 2 Type 1?
CISO Suite Cybersecurity Governance, Risk & Compliance Industry Spotlight Security Boulevard (Original) 

The Perils of a Running Start: Can You Skip SOC 2 Type 1?

May 10, 2021 Justin Beals | Yesterday 0
Passwords a Threat to Public Infrastructure
Application Security CISO Suite Cybersecurity Governance, Risk & Compliance Identity & Access Industry Spotlight Security Boulevard (Original) 

Passwords a Threat to Public Infrastructure

May 6, 2021 Raz Rafaeli | May 06 0
Breach Clarity Weekly Data Breach Report: Week of May 3
Cybersecurity Data Security Industry Spotlight Security Boulevard (Original) Threats & Breaches Vulnerabilities 

Breach Clarity Weekly Data Breach Report: Week of May 3

May 5, 2021 Kyle Marchini | May 05 0

Top Stories

Colonial Pipeline FAIL: Ransomware Gang Threatens Gas Supplies
Analytics & Intelligence Application Security Cyberlaw Cybersecurity Data Security Endpoint Featured Governance, Risk & Compliance Identity & Access Incident Response IoT & ICS Security Malware Network Security News Security Boulevard (Original) Social Engineering Threat Intelligence Threats & Breaches Vulnerabilities 

Colonial Pipeline FAIL: Ransomware Gang Threatens Gas Supplies

May 10, 2021 Richi Jennings | Yesterday 0
Of Pipelines And Cybersecurity
Cybersecurity Featured Incident Response Network Security News RSA Security Awareness Security Boulevard (Original) Social Engineering Spotlight Threats & Breaches 

Of Pipelines And Cybersecurity

May 10, 2021 Richard Stiennon | Yesterday 0
Very Many Qualcomm Phone Chips Hiding Very Nasty Vulnerability
Analytics & Intelligence Cybersecurity Data Security Endpoint Featured Identity & Access IoT & ICS Security Malware Mobile Security Network Security News Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Very Many Qualcomm Phone Chips Hiding Very Nasty Vulnerability

May 7, 2021 Richi Jennings | 4 days ago 0

Security Humor

via the comic delivery system monikered Randall Munroe resident at XKCD!

XKCD ’90’s Kid Space Program’

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: [email protected]

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy
  • DMCA Compliance Statement

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2021 MediaOps Inc. All rights reserved.
Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.