A comprehensive inventory of OT/ICS assets is the foundation for reducing cybersecurity risks ― and it also improves operations. Learn why configuration analysis gives you comprehensive ICS asset inventory information and keeps it current without extensive manual effort or putting additional load on your network.
Read now >
Effective OT cybersecurity requires tools and best practices combined with a detailed understanding of the process automation systems in a plant. Adopting the five independent safety layers (IPLs) described in this paper will greatly strengthen your OT cybersecurity strategy.
Read now >
Having a good OT-level asset inventory that goes beyond devices with an IP address is essential to a good cybersecurity strategy, according to the ARC Advisory Group. Asset inventory and visibility also provides the foundation for excellence in other areas of a manufacturing plant and critical infrastructure, including configuration, change management, and anomaly detection.
Read more > >
With smarter, integrated automation comes a difficult challenge that has repercussions from the boardroom to manufacturing operations: OT/ICS cybersecurity. It is generally well understood that you cannot secure what you cannot see. That is why accurate, up-to-date visibility of the system inventory is a key element of any cybersecurity solution. This paper discusses industry best practices for hardening cybersecurity, focusing on the first and most crucial step:OT/ICS inventory management.
Read now >
With cyber incidents and reported vulnerabilities on the rise, industrial cybersecurity leaders must deploy proactive industrial endpoint detection and response (EDR) across the entire process control network. This paper examines how EDR should extend to proprietary endpoints, what security controls have the greatest effect on reducing risk for these cyber assets, and what best practices apply.
Read now >
We asked 20 experts to share their strategies for managing OT/ICS cybersecurity. Their answers reflect a rich knowledge of cybersecurity and risk management best practices across a diverse range of industries—including oil and gas, chemicals and refining, and power generation. These insights are compiled in four eBooks organized around critical topics to inform anyone tasked with securing critical infrastructure.
Read more > >
According to ARC Advisory Group, many industrial operations remain at risk of costly, disruptive cyber incidents. Despite significant investments in defensive technologies, most companies are not doing a good job of maintaining them due to an imbalance between investments in security technologies and the people, processes, and security management technologies needed to sustain them.
Read more > >
This paper examines how an over-reliance on IT-centric perimeter defenses, combined with an inability to see vulnerabilities lurking deep within industrial control system (ICS) environments, has left our critical infrastructure vulnerable. It also discusses current OT/ICS vulnerability management challenges, as well as how you can find and remediate vulnerabilities hidden today within OT/ICS environments by taking a more production-centric approach to managing vulnerabilities on Level 2, 1, and 0 ICS assets.
Read now >
Industrial companies have made significant investments in cybersecurity technologies to protect their plants and industrial control systems (ICS). However, many companies are unable to keep up with the never-ending stream of new vulnerability alerts from suppliers and groups like ICS-CERT. This leaves many plants at risk of serious cyber incidents, jeopardizing safety and operational reliability. In this paper, ARC Advisory Group discusses continuous OT/ICS vulnerability management with PAS executives.
Read now >
In this transcript of a webinar, industry experts David Batz, senior director of Cyber and Infrastructure Security at Edison Electric Institute, and Jason Haward-Grau, chief information security officer at PAS Global, discuss whether a government mandated regime makes for a more secure an industry, or is self regulation the answer.
Read now >
ARC Advisory Group met with PAS, a provider of process safety, cybersecurity, and asset reliability solutions, to discuss the company’s approach for a new unified information management system that can integrate key process safety and operational metrics with industrial control systems (ICS) cybersecurity metrics. This creates a common view of risk in real time, allowing end users to address emerging issues before they can result in unplanned downtime or an incident.
Read more > >