Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Reducing cyber attack risks in industrial automation

Tripwire Inc : 29 June, 2016  (New Product)
Belden subsidiary, Tripwire, is now offering Configuration Compliance Manager for providing security to industrial automation systems
Reducing cyber attack risks in industrial automation

Tripwire Configuration Compliance Manager (CCM) now supports ANSI / ISA-62443, a global standard for securing industrial automation systems, controllers and associated networking equipment configurations. Tripwire CCM can now reduce cyber security risks from external attacks, malicious insiders and human error while protecting critical infrastructure reliability, uptime and safety of industrial automation and manufacturing environments.  

“By extending our CCM software we can now address the unique cyber security challenges associated with demanding operational technology (OT) environments,” said Rekha Shenoy, vice president and general manager of industrial cyber security for Belden, Tripwire’s parent company. “With this offering, we are able to assess and monitor changes that can indicate a cyber attack without connecting to or communicating with PLC or control devices. Tripwire CCM maximizes uptime while improving security.”

Without awareness of communication and activity of each segment in an OT environment, evaluating risks and security of assets becomes increasingly difficult. Operations and security staff must be able to define and verify baseline behaviour to assess and detect possible anomalies, and then decide a response.

Tripwire CCM allows engineers and cyber security personnel to audit industrial automation networks and controllers for secure and approved configurations. It also identifies unauthorised changes, configuration hardening errors and security vulnerabilities and provides prioritised remediation guidance to reduce risks without affecting operational availability, reliability or safety. Tripwire CCM can be layered on top of a standard implementation of FactoryTalk AssetCentre from Rockwell Automation for greater visibility into industrial automation applications.

Key features:

* Agentless, low-touch design requires no software installation or changes to ICS environments. Tripwire CCM provides security intelligence by monitoring FactoryTalk AssetCenter and does not communicate directly with ICS control devices.
* ANSI/ISA-62443 policy support coverage was derived from the same policy document detailing IEC 62443.
* New “Search by Security Level” feature allows plant owners to assess the compliance of all devices in the plant environment.
* Easy installation, operation and customization for environment-specific requirements; no specific cyber security expertise is required.
* Comprehensive cyber security assessment that evaluates configuration data, vulnerabilities, ICS-CERT advisories, vendor advisories, industry standards, policies and hardening guidelines.

According to the Department of Homeland Security and ICS-CERT, cyber attacks against industrial organisations have increased between 2014 and 2015,  with more of these attacks making it through to the controller layer. Recent attacks such as the attack on the Ukraine power system have shown that firmware on control devices can be corrupted, allowing attackers to compromise the reliability, availability and safety of mission-critical infrastructure.

"A combination of factors is dramatically reshaping OT security,” said Robert  Westervelt, information security research manager for IDC. “More Internet connected industrial automation devices and the convergence of OT and IT infrastructures, in addition to a shortage of security skills, means that accurate evaluation and mitigation of security risks is increasingly challenging.”

Tripwire CCM support for industrial automation is part of Belden’s cyber security initiative, which brings together three trusted Belden brands – Tripwire, Tofino Security and GarrettCom – to form comprehensive industrial cyber security solutions. These brands deliver solutions designed to protect all layers of industrial systems, including networks, controllers and endpoints.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo