Cybersecurity Blog: The Cyber Scene is evolving, are you?

New features make compliance and configuration management easier than ever!

Please see links below to view our new Passive Monitoring capabilities sheet:

Overview

Industrial Control Systems / Supervisory Control and Data Acquisition (ICS/SCADA) devices monitor and control critical infrastructure, but what tools monitor these systems? Many ICS/SCADA systems were developed and deployed before the evolution of today’s cybersecurity threats. These systems were not designed to interface with modern IT security architecture. Typically they lack local intelligence or security awareness. Most ICS/SCADA systems are protected only by a firewall, leaving OT security operators with little understanding of who or what may be trying to penetrate and breach there systems. Passive monitoring helps fill this ICS visibility gap.

Passive monitoring deploys non-invasive network sensors that capture the communication between SCADA and PLC devices looking for possible threats. These devices listen to network traffic and have a learning capability that captures the typical communication between devices and report out when anomalous activity is detected.

Read more

Need to improve your company’s cybersecurity? A myriad of vendors and thought leaders are ready to sell their products or ideas to do just that. What you don’t usually hear is how some of these technologies or practices might not be as effective as you’re led to believe. Working in systems engineering, as well as having run red team and blue team assessments for some of the world’s largest companies, I’ve observed four common practices that contribute to sophisticated corporations being lulled into a false sense of cybersecurity.

Read more

Live security evaluations are essential to the good security health of an organization.  An evaluation performed by a skilled internal organization—or a qualified third party—allows an organization to objectively test its security measures and defensive capabilities. This not only helps evaluate the effectiveness of existing security controls which may require remediation, it also identifies blind spots that represent pockets of previously-unknown risks to the organization.

Read more