Why leveraging live environment simulations and putting ICS tools to the test is the best way to evaluate their fitness.
Track and field was one of my favorite sports growing up. I didn’t begin competitively participating until I was a teenager, but I was instantly hooked once I started. Why? Because the clock didn’t lie. The tape measure didn’t lie. The fastest time always won, and the longest throw always won.
I like to think of ICS security tools in a similar way. When determining what tool is best for your environment, you need to see them live as they’re playing the game. Marketing spin and the universal statement of “our ICS tool is the best out there” needs to be equally met by strong performance.
So as you’re looking to evaluate and navigate through messages from dozens of providers, make it a competition to your benefit.
Some ways in which you can gamify ICS security solution evaluation:
Ask for a demonstration with your environment’s data.
All of us vendors have figured out how to show you our best demo. If you leave it up to us, we’re going to load up the ideal scenarios that highlight the best features of our tools. While this is certainly beneficial information for you, it can be made even richer if you ask a vendor to consume some of your own network’s traffic (by sending over a packet capture or doing a live proof of concept) to see how the tool performs. That way, you get a preview of what interaction with the tool would be like for your specific use cases.
Ask to see the whole portfolio.
Most users today are looking for asset visibility and anomaly detection applications that have a combination of passive and active data collection methods. That’s a (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Kristen Poulos. Read the original post at: https://www.tripwire.com/state-of-security/ics-security/results-speak-louder-words-guide-evaluating-ics-security-tools/