Bringing Strength in Visibility to the Most Critical Networks
Industrial control system security is facing new challenges and strains as customers continue to demand new innovations and always-on, connected “smart” service. As more devices connect to grids and networks, researchers and malicious actors continue to look for new flaws and vulnerabilities to exploit. This new age of connectivity brings an end to the old security posture: staying isolated and disconnected thus eliminating the opportunity for cyber attack. Hackers and attackers are counting on ICS organization’s reliance on legacy security protocols. Now is the time to get a step ahead of them by adopting a proactive approach to security and resilience.
It is easy to assume that a breach or attack is less likely, especially in a time when headline-grabbing attacks are focused on banks, retailers and health systems. Industrial Control System operators are already connected and vulnerable. According to Gartner, in 2012, some 26 billion ICS related devices, from trucks to appliances and manufacturing systems, were connected to the Internet. The study also revealed that of 500,000 devices connected to key control systems, 7,200 actually connected to critical control systems in the United States alone.
Attacks are increasing in both scope and in scale. According to ICS-CERT and the US Department of Homeland Security, attacks against ICS systems increased 52 percent between 2012 and 2013. As the threats increase, the ability for system operators to defend these systems is strained by the complexity of attacks, but also by legacy systems, workforces and processes that put safety at risk. An EU smart meter review showed that the majority of default system passwords were “1234”, highlighting that user error and lax end-point security is a more common issue that is hard for security experts to predict or prevent.
Systems that Power the World Are Under Attack
Codenomicon solutions empower proactive detection of vulnerabilities that can disrupt global operations and destroy public trust. The suite of next- generation solutions helps forge a better path to total defense. By bringing known and unknown vulnerabilities into view, ICS operators and manufacturers equipment manufacturers can bring new levels of product security and robustness. The ISA Security Compliance Institute (ISCI) has recognized the Codenomicon Defensics ISASecureTM Testing Solution for use in the ISASecure EDSA certification program (www.isasecure.org).
Identify the Weakest Link and Bring the Unknown Into View: The connected age of industrial control systems adds strain to the operators of critical systems, to the manufacturers of the control systems who are now being required to deliver safer, more secured products. To address the risk from the unknown, Codenomicon’s Defensics solution delivers the visibility by identifying unknown flaws and the most effective path to remediation. Supporting over 270+ protocols, Defensics aids carriers looking to quickly and efficiently test and secure regardless of device, platform or protocol.
Automated Threat Intelligence and Situation Awareness: Because industrial control systems must rely on interdependent systems, keeping track of these points of connection can be complex and difficult. Situation awareness, and the ability to scan, understand, and respond quickly is a requirement of the new connected ICS world. AbuseSA is scalable and powerful, delivering comprehensive threat intelligence to rapidly respond, remediate and report on the ever-changing threat-scape. AbuseSA enables information collection from across multiple sources, bringing data received in different formats into one, simple to read browser-based view, allowing networks to share actionable, real-time information more efficiently and effectively.
Codenomicon solutions focus on delivering true strength through visibility and proactive detection. This is why ICS operators and manufacturers have chosen to build in new levels of security and robustness to their networks with Codenomicon. To learn more about the Codenomicon solutions and services best suited ICS operators or device manufacturers contact firstname.lastname@example.org. You will be connected with an industrial control system industry expert who will help craft a path to optimal visibility and security.