Industrial managers are more aware than ever of the risk cyber threats pose to operational technology (OT), production safety, and reliability. However, programs to prevent, detect, and remediate threats to critical OT systems have not received the same level of focus as traditional IT systems. As a recent CISA alert notes, threat actors continue to demonstrate their willingness to target critical infrastructure (Alert AA20-205A, NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems, July 23, 2020).
Executives and boards in industrial organizations want to understand current risk profiles and whether a recently disclosed vulnerability puts the organization at risk. But many organizations are still in the early stages improving their OT asset inventories and relying on manual approaches for risk identification, prioritization, and remediation. OT cybersecurity maturity can also differ widely across sites within a larger organization.
To meet these challenges, today PAS announced new modular licensing and deployment options with Cyber Integrity version 7.0 that provide flexibility to address specific needs as sites advance their OT cybersecurity maturity:
- Cyber Integrity – Inventory Management: provides discovery and topology mapping of industrial control system environments down to Level 0 devices with unmatched depth and accuracy without passive network detection limitations and active network polling risks.
- Cyber Integrity – Vulnerability Management: includes inventory management and enables the identification of vulnerabilities hidden in industrial infrastructure, leveraging and enhancing regular feeds from the United States National Vulnerability Database (NVD).
- Cyber Integrity – Enterprise: includes inventory and vulnerability & patch management as well as in-depth Level 3 to Level 0 OT asset configuration management with comprehensive cybersecurity configuration baselining, unauthorized configuration change detection, workflow-driven vulnerability remediation and incident response, risk analytics, compliance workflows and reporting, and backup and recovery support.
Whether a site is working to build their security foundation with an accurate and detailed OT asset inventory, ready for vulnerability assessment and patch management, or looking to establish a mature enterprise program, Cyber Integrity has them covered. With seamless, in-product expansion, PAS makes it easy for industrial organizations to address their immediate OT cybersecurity needs and incrementally unlock new functionality as their sites and programs mature. This modular capability is increasingly needed as digitalization and the accelerating shift to remote work caused by the COVID-19 pandemic expand the industrial cyber-attack surface.
PAS also announced today a new OT Inventory Assessment service. Obtaining an accurate, detailed OT asset inventory is a foundational step for improving industrial cybersecurity and reducing risk. Without a solid understanding of the assets on your process control network (PCN), developing and implementing a strategy to manage risk and ensure reliable operations is impossible. However, since a “good” OT asset inventory is often not well defined, most OT asset inventories continue to be incomplete and unreliable, increasing risk and hindering incident response.
The PAS OT Inventory Assessment service, offered at no charge to qualified organizations, analyzes a site’s current OT inventory, identifies gaps with industry best practices, and the business value of addressing them.