Indegy released its ICS Security Suite, which delivers end-to-end visibility into operational technology (OT) cyber threats, vulnerabilities, assets and their configurations.
Indegy provides purpose-built OT security monitoring, which has traditionally been lacking in industrial networks.
“Threat actors on multiple fronts continue to seek to exploit cyber vulnerabilities in the U.S. electrical grid,” said the recent Idaho National Laboratory (INL) report “Cyber Threat and Vulnerability Analysis of the U.S. Electric Sector.” The report cites China, Iran, Russia and others as the primary adversaries.
“Industrial operations are now highly connected, making them sensitive to downtime from cyber attacks, malware, and maintenance errors, yet these environments lag behind IT networks in security, visibility and control,” said Mille Gandelsman, CTO of Indegy. “With this new release, Indegy gives OT network managers and engineers unprecedented visibility from the network all the way to the backplane configuration of industrial controllers to detect threats, address vulnerabilities and automate asset management.”
To detect threats, Indegy’s new automated vulnerability management capabilities build a continuously updated security risk profile for each asset, based on its criticality level and on monitoring of the following:
• Open and misused network ports
• Security hotfixes deployed on MS-Windows machines, including servers, workstations, desktops, SCADA terminals and HMIs
• Cybersecurity vulnerabilities on the devices in the environment, based on CVE scoring
This enables organizations to identify and remediate threats before they can be exploited.
To assess cyber risk and ensure operational reliability and safety, industrial operators need to identify and track assets and control their configurations. Automated asset management capabilities monitor and maintain a complete inventory of industrial controllers, their settings and backplane configurations, including:
• Firmware and OS versions
• Patch levels
• Module names, models and serial numbers
• Usage statistics, and more
This detailed visibility can be used to recover from incidents and restore devices to a “known good” state, provide asset tracking for compliance and support capacity planning.