Cybersecurity is finally reaching the shop floor in earnest thanks to new technology that works with—not against—the legacy equipment that runs most industrial control systems (ICS). That being said, industrial companies and organizations in sectors like manufacturing, energy, utilities, transportation and water treatment can be slow to adapt to the new cybersecurity tools at their disposal because they present a new way of operating in an industry that’s set in its ways.
Even If It Ain’t Broke, It Still Needs to Change with the Times
Historically, traditional IT tools didn’t know how to play nice with industrial equipment, which risked operational downtime if machines were disrupted during security scans intended for IT environments. Luckily, cybersecurity solutions providers are now customizing their IT tools to speak ICS’ language—the language of industrial protocols like Modbus TCP and Ethernet/IP CIP, HTTP/HTTPS and SNMP, to name but a few. This opens up a whole new world of possibilities for monitoring OT environments to ensure the safety, quality and uptime of your operations.
Industrial CISOs are now in an advantageous position: they can give their floor operators the same cybersecurity visibility their IT operators have had for years. With a single change management solution, the IT and OT sides of your organization can finally be in alignment under one cybersecurity tool monitoring for suspicious and unauthorized changes.
Tripwire Enterprise for Industrial Devices Is Here
With a single interface management system, Tripwire Enterprise offers OT an agentless security solution which can be accessed from virtually anywhere and which provides a comprehensive picture of security issues and actions. With automated continuous monitoring across different types of operating systems, industrial devices and applications, industrial organizations now have a simplified and cost-effective solution for maintaining system hardening and continual proof of compliance for standards like IEC 62443, NERC CIP, (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Gabe Authier. Read the original post at: https://www.tripwire.com/state-of-security/ics-security/questions-industrial-cisos-evaluating-cybersecurity/