The 4 Questions Industrial CISOs Need to Ask When Evaluating a Cybersecurity Tool

The 4 Questions Industrial CISOs Need to Ask When Evaluating a Cybersecurity Tool
The 4 Questions Industrial CISOs Need to Ask When Evaluating a Cybersecurity Tool
Cybersecurity is finally reaching the shop floor in earnest thanks to new technology that works with—not against—the legacy equipment that runs most industrial control systems (ICS). That being said, industrial companies and organizations in sectors like manufacturing, energy, utilities, transportation and water treatment can be slow to adapt to the new cybersecurity tools at their disposal because they present a new way of operating in an industry that’s set in its ways.

Even If It Ain’t Broke, It Still Needs to Change with the Times

Historically, traditional IT tools didn’t know how to play nice with industrial equipment, which risked operational downtime if machines were disrupted during security scans intended for IT environments. Luckily, cybersecurity solutions providers are now customizing their IT tools to speak ICS’ language—the language of industrial protocols like Modbus TCP and Ethernet/IP CIP, HTTP/HTTPS and SNMP, to name but a few. This opens up a whole new world of possibilities for monitoring OT environments to ensure the safety, quality and uptime of your operations.

Industrial CISOs are now in an advantageous position: they can give their floor operators the same cybersecurity visibility their IT operators have had for years. With a single change management solution, the IT and OT sides of your organization can finally be in alignment under one cybersecurity tool monitoring for suspicious and unauthorized changes.

With a single interface management system, Tripwire Enterprise offers OT an agentless security solution which can be accessed from virtually anywhere and which provides a comprehensive picture of security issues and actions. With automated continuous monitoring across different types of operating systems,  industrial devices and applications, industrial organizations now have a simplified and cost-effective solution for maintaining system hardening and continual proof of compliance for standards like IEC 62443, NERC CIP, NIST and CIS ISC CSC.

4 Questions You Need to Ask When Evaluating a Cybersecurity Tool


1. Why Is It Crucial to Know What’s on Your ICS Network?

Network monitoring systems provide the first line of defense when applications go down or when performance begins to deteriorate. With Tripwire Enterprise Asset View, you can classify assets across your OT and It networks. Users benefit from unparalleled deep visibility and cyber-resilience while reducing operational burdens and improving responsiveness.

Sixty-four percent of security leaders (directors or higher) feel that they lack the tools and resources they need to monitor, 62 percent lack the tools and resources they need to analyze and understand and 68 percent lack the tools and resources they need to mitigate external threats. It is not always easy to figure out what is running, much less whether or not it is configured properly. But once you understand your current security posture, you can develop a strategy to assemble the assets and implement protocols to accomplish your security goals.


2. Does It Test for Regulatory Compliance?

In addition to detecting an unauthorized change on your industrial devices, Tripwire Enterprise aids in achieving and maintaining regulatory compliance with frameworks like IEC 62443, NERC CIP, NIST and the Center for Internet Security’s CIS ISC CSC. You can analyze for secure configurations and run policy tests against standards and best practices on your industrial devices.

3. How Does It Handle Configuration Security?

In a recent Ponemon study, only 15 percent of businesses surveyed believed they were effective in implementing security initiatives that provided actionable intelligence in attacks on their IT systems/networks and ICS/SCADA systems. Another global study by ServiceNow indicated that 78% of CISOs are worried about their ability to detect breaches in the first place.

4. Will Remediating Suspicious Changes Cause System Downtime?

One of the biggest concerns of ICS operators is that remediating suspicious changes will lead to an interruption in operations. Tripwire Enterprise provides centralized control of configurations across the entire physical and virtual IT & OT infrastructures, including multiple devices, platforms and operating systems, without interrupting operations.

While ICS downtime at the hands of a security solution was once a much more realistic concern, cybersecurity tools are now changing the face of ICS cybersecurity by helping operators remediate issues that could threaten system uptime.

About The Author

This article was written by Gabe Authier of Tripwire

Click Here for More Information

Did you enjoy this great article?

Check out our free e-newsletters to read more great articles..