Forescout Technologies, Inc. added a new component to its SilentDefense industrial control system security solution to help organizations aggregate and prioritize risks targeting OT and IoT devices.
Asset Risk Framework provides users with impact-based scores in a central dashboard so they can determine their current security risk exposure, identify assets that have a high potential of being attacked and enable engineers to take action on the assets that need attention.
Network security monitoring tools create large amounts of information which can be very challenging for cybersecurity and operational stakeholders to review. By aggregating and prioritizing operational and cyber security-based risk, real time decisions can be made quickly saving money and reducing probable issues to the networks.
“The convergence of IT and OT networks and threats posed by the adoption of IIoT devices and services in the cloud has left enterprises more vulnerable than ever before,” said Damiano Bolzoni, vice president of OT and industrial business, Forescout. “It is essential that organizations have access to real time data and visibility of its entire network so they can quickly understand their risk exposure and take preventative measures to mediate against the threats.”
Forescout’s SilentDefense also offers:
• Active PLC Queries: Seamless process for cyber security analysts to create alert parameters so they can quickly set up custom compliance and monitoring directives so that no PLC/Controller can go unseen.
• Enhanced Compliance Reporting: Critical infrastructure managed by utility and energy organizations have compliance obligations when securing its networks. Forescout has now automated the compliance and reporting process for North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) compliance.
• FIPS Compliant: All government and federal organizations have to ensure they are Federal Information Processing Standards (FIPS) compliant. SilentDefense now includes tools and functions to allow these organizations to easily adhere to the security requirements of OT and ICS Networks of FIPS for implementing crypto algorithms, encryption schemes, handling important data, and working with various operating systems and hardware.