Monday, September 25, 2023

Security Boulevard Logo

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming Webinars
    • Calendar View
    • On-Demand Webinars
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Content
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
    • Techstrong.tv Podcast
    • TechstrongTV - Twitch
  • Library
  • Related Sites
    • Techstrong Group
    • Cloud Native Now
    • DevOps.com
    • Security Boulevard
    • Techstrong Research
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
    • Devops Chat
    • DevOps Dozen
    • DevOps TV
  • Media Kit
  • About
  • Sponsor

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Hot Topics
  • Cyber Security in Banking: Top Threats and Best Ways to Prevent Them
  • How to Check if Your Email Sources are Reliable?
  • Insider Risk Digest: Week 37-38
  • Content Creation, Mental Health in Cyber, The MGM Ransomware Attack
  • Why Enterprises Switch to SafeBreach
Security Bloggers Network 

Home » Security Bloggers Network » How to Advance ICS Cybersecurity: Implement Continuous Monitoring

SBN

How to Advance ICS Cybersecurity: Implement Continuous Monitoring

by Anastasios Arampatzis on June 7, 2019

Industrial Control Systems (ICS) include Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS) and other control system configurations such as Programmable Logic Controllers (PLC). They are typically used in industries such as electric, water, oil and natural gas, transportation, chemical, pharmaceutical and manufacturing (e.g., automotive, aerospace). These control systems are vital to the operation of U.S. critical infrastructures that are often highly interconnected and mutually dependent systems.

AWS Builder Community Hub

Initially, ICS had little resemblance to traditional information technology (IT) systems, and ICS were isolated systems running proprietary control protocols using specialized hardware and software. Many ICS components were in physically secured areas, and the components themselves were not connected to IT networks or systems. Nowadays, widely available, low-cost IP devices have replaced proprietary solutions, a shift which has increased the possibility of cybersecurity vulnerabilities and incidents.

This integration supports new IT capabilities, but it provides significantly less isolation from the outside world than predecessor systems, creating a greater need to secure these systems. While security solutions have been designed to deal with these security issues in typical IT systems, special precautions must be taken when introducing these same solutions to ICS environments because ICS have characteristics that differ them from traditional information processing systems.

Pillars of an Effective Cybersecurity Program

For the above reasons, there have been developed various ICS cybersecurity frameworks and regulations, such as IEC62443, NERC CIP, NIST SP 800-82 and American Water Works Association Process Control Network Security Guidance. These frameworks cater to best practices, which are the pillars for a strong industrial cybersecurity program.

These best practices consist of:

  1. Identifying what systems need to be protected.
  2. Separating the systems logically into functional groups.
  3. Implementing a defense-in-depth strategy for each functional group.
  4. Controlling access into and between each group.
  5. Limiting the actions that (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Anastasios Arampatzis. Read the original post at: https://www.tripwire.com/state-of-security/ics-security/advance-ics-cybersecurity/

June 7, 2019June 7, 2019 Anastasios Arampatzis continuous monitoring, Cybersecurity, ICS, ICS Security
  • ← Cryptocurrency wallet GateHub hacked, nearly $10 million worth of Ripple (XRP) stolen
  • BeiTaAd Adware Hidden in Google Play Apps | Avast →

Techstrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Upcoming Webinars

Mon 25

Cloud Security

September 25 @ 1:00 pm - 2:00 pm
Thu 28

A Guide to Smart Dependency Management

September 28 @ 12:00 pm - 1:00 pm
Oct 03

Way Too Vulnerable: Uncovering the State of the Identity Attack Surface

October 3 @ 11:00 am - 12:00 pm
Oct 11

ASPM: Leveling the AppSec Playing Field

October 11 @ 1:00 pm - 2:00 pm
Oct 16

Shadow Access: Where IAM Meets Cloud Security

October 16 @ 3:00 pm - 4:00 pm
Oct 17

Securing Cloud-Native Applications Across the Software Development Life Cycle

October 17 @ 11:00 am - 12:00 pm
Oct 18

Live Workshop on ‘SCA 2.0’: Using Runtime Analysis to Find High-Risk SCA Vulnerabilities

October 18 @ 12:00 pm - 1:30 pm
Oct 19

Managing Security Posture and Entitlements in the Cloud

October 19 @ 1:00 pm - 2:00 pm
Oct 24

When Seconds Matter: Real-Time Cloud Security With AWS and Sysdig

October 24 @ 11:00 am - 12:00 pm
Oct 24

Reporting From the Pipeline: The State of Software Security in DevOps

October 24 @ 1:00 pm - 2:00 pm

More Webinars

Subscribe to our Newsletters

TSTV Podcast

Most Read on the Boulevard

A Wave of Chinese Cyberthreat Campaigns Use Old and New Malware
Getting Started With Two-Factor Authentication (2FA)
Dig Security Adds Support for SaaS Apps to DSPM Platform
How Threat Hunting can Strengthen Your Cybersecurity Posture
Coalition Report Reveals Ransomware Resurgence
Tracking Rite-Aid Store Closures
Helpdesk Telephone Attack: How to Close Process and Technology Gaps
Improve Your Organization’s Cloud Infrastructure with PeoplActive’s Cloud Consulting Services
Orchestration Kitchen Workshop on Migrating CIAM from Keycloak to Amazon Cognito
Email Intelligence Dashboard

Download Free eBook

7 Must-Read eBooks for Security Professionals

Industry Spotlight

Google: Chromebooks Will Get 10 Years of Software, Security Updates
Application Security Cybersecurity Data Security Endpoint Featured Industry Spotlight Malware Mobile Security Network Security News Security Boulevard (Original) Spotlight 

Google: Chromebooks Will Get 10 Years of Software, Security Updates

September 19, 2023 Jeffrey Burt | Sep 19 0
Group Allegedly Behind MGM, Caesars Attacks is Fairly New to Ransomware
Cloud Security Cybersecurity Data Security Featured Identity & Access Industry Spotlight Malware Mobile Security Network Security News Security Awareness Security Boulevard (Original) Social Engineering Spotlight Threats & Breaches 

Group Allegedly Behind MGM, Caesars Attacks is Fairly New to Ransomware

September 18, 2023 Jeffrey Burt | Sep 18 0
DoD Turns to Stronger Alliances to Combat Cyberthreats
Cybersecurity Data Privacy Featured Industry Spotlight Malware Network Security News Security Awareness Security Boulevard (Original) Spotlight 

DoD Turns to Stronger Alliances to Combat Cyberthreats

September 14, 2023 Jeffrey Burt | Sep 14 0

Top Stories

China Accuses US of Years of Cyber-Spying, Malware Campaigns
Cybersecurity Data Security Featured Identity & Access Malware Network Security News Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches 

China Accuses US of Years of Cyber-Spying, Malware Campaigns

September 22, 2023 Jeffrey Burt | 2 days ago 0
Signal Intros Quantum-Resistant Encryption for App
Application Security Cybersecurity Data Privacy Data Security Featured Identity & Access Mobile Security Network Security News Security Boulevard (Original) Spotlight 

Signal Intros Quantum-Resistant Encryption for App

September 22, 2023 Jeffrey Burt | 2 days ago 0
GitLab Releases Urgent Security Updates for Critical Flaw
Application Security Cloud Security Cybersecurity Data Security DevOps Featured Identity & Access News Security Boulevard (Original) Spotlight Threat Intelligence Vulnerabilities 

GitLab Releases Urgent Security Updates for Critical Flaw

September 21, 2023 Jeffrey Burt | 3 days ago 0

Security Humor

Randall Munroe’s XKCD ‘xkcd Phone Flip’

Randall Munroe’s XKCD ‘xkcd Phone Flip’

Security Boulevard Logo White

DMCA

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: [email protected]

Useful Links

  • About
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • DMCA Compliance Statement
  • Privacy Policy

Related Sites

  • Techstrong Group
  • Cloud Native Now
  • DevOps.com
  • Digital CxO
  • Techstrong Research
  • Techstrong TV
  • Techstrong.tv Podcast
  • DevOps Chat
  • DevOps Dozen
  • DevOps TV
Powered by Techstrong Group
Copyright © 2023 Techstrong Group Inc. All rights reserved.