Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Choosing an OT Security Solution? Here Are the 7 Questions to Ask

Look before you leap is excellent advice for security leaders to heed before they select security solutions to reduce Cyber Exposure in Operational Technology (OT) environments. And, who is better qualified to deliver that advice than Gartner?

Gartner recently published a research note, 7 Questions SRM Leaders Aren’t Asking OT Security Providers During Technology Selection, to help you define important requirements for OT security that you might have overlooked. I’ll outline how Tenable Industrial Security can help you address each question Gartner asks in the research report.

#1. “Is the solution vendor-agnostic?”*

Supporting a variety of Industrial Control System (ICS) assets requires an understanding of a variety of protocols. Tenable Industrial Security monitors a wide variety of protocols commonly used by OT devices, including BACnet, CIP, DNP3, Ethernet/IP, ICCP, IEC 69-0870-5-104, IEC 60850, IEEE C37.118, Modbus/TCP, OPC, openSCADA, PROFINET, Siemens S7 and more.

However, protocol support is just the start – support for your specific OT devices is also required. Industrial Security supports systems from dozens of manufacturers, including Siemens, ABB, Emerson, GE, Honeywell, Rockwell/Allen-Bradley and Schneider Electric. Additionally, Tenable commonly works with customers to add support for specific devices, as needed.

#2. “Does the solution provide asset discovery to enable operational continuity and system integrity?”*

Asset discovery is core to virtually all OT compliance requirements and best practices. Asset discovery is challenging in IT environments. It’s even more difficult in OT environments because actively scanning OT networks can disrupt or degrade operations. Therefore, Gartner recommends, “Ensure the solution passively scans and analyzes industrial network communications, provides information about network assets, provides advanced anomaly detection, and alerts in real time for any threat to operational continuity and system integrity.”*

Industrial Security includes Nessus Network Monitor passive sensors, which safely and continuously monitor OT networks to detect and identify assets active on the network. They detect new assets added to the network, passively determine the operating system and display machine-to-machine connections.

#3. “Does the solution detect and alert on known common vulnerabilities and exposures?”*

Gartner’s research note says, “A platform that incorporates known CVE discovery into the security policy will provide faster detection, as well as provide value from Day 1 of its deployment.”* Industrial Security patented vulnerability analysis technology identifies vulnerabilities in sensitive OT systems that cannot be actively scanned due to the risk of disruption or performance impact. Reports present the vulnerability information is a variety of formats. And alerts for critical vulnerabilities can be sent to SIEMs.

#4. “Can the solution evolve from mirror-mode to in-line security?”*

Gartner states, “SRM leaders in many industries will typically prefer to deploy their OT security systems in passive, detection-only mode (mirror-mode), while disabling active preventive capabilities, as older PLCs will stop working when any unexpected traffic touches them. This is a sensible starting point, which reduces the risk of unplanned impact on the operational technology network. However, in certain industrial control systems, as these leaders gain trust with their solution configuration, they will often want to evolve to in-line deployment, which provides some level of active prevention.”* This evolution allows you to increase the depth of detection and analysis where it makes sense.

In addition to Industrial Security passive detection and analysis, Tenable.io Vulnerability Management offers both active scanning and agents for use with IT-based and other robust assets deployed in OT environments. You can easily evolve your approach as you gain confidence.

#5. “Does your solution provide IT support in addition to OT?”*

Gartner states that, “Most OT attacks in the last 10 years started at the more accessible IT network. Security vendors that provide both IT and OT detection may detect an attack at earlier stages, before it enters the OT network, allowing more time to respond and remediate. Obviously, the solutions under consideration must support unique OT security needs, such as protecting OT protocols, supplier remote access to OT equipment and deep packet inspection (DPI). But in addition to OT detection, IT detection, monitoring, and visibility capabilities must be supported as well.”*

Tenable understands that interconnected OT and IT systems cannot be secured in isolation. Our solutions span Industrial-IoT/ICS/SCADA, the cloud and traditional IT, including network devices.

#6. “Does your solution support secure IT/OT alignment?”*

This question addresses the trend to use IT infrastructure in OT architecture layers and the potential risk of using IT security practices and technology that may not be well-suited to OT.

Tenable understands that active security technologies appropriate for IT environments may disrupt and/or degrade performance in OT environments. We’ve provided both active and passive technologies for more than 10 years, and the passive technology understands OT-related protocols.

#7. “Is the solution designed to live in an OT environment from a hardware or operating environment perspective?”*

Industrial Security can be installed on your choice of hardware, including rugged servers designed to operate in harsh conditions. Industrial Security implementations are configurable to meet your network and physical architecture requirements. For example, you can install Industrial Security at each of multiple sub-stations and roll up the results to a master instance for overall visibility.

Please take 10 minutes to read a complimentary copy of Gartner’s research note, 7 Questions SRM Leaders Aren’t Asking OT Security Providers During Technology Selection. If you’d like to discuss your OT security needs, contact us now.

Read Gartner's Research Note

*Gartner, “7 Questions SRM Leaders Aren't Asking OT Security Providers During Technology Selection,” Saniye Burcu Alaybeyi, 11 January 2018.

Publicações relacionadas

Inscreva-se no blog da Tenable

Inscrever-se
Teste gratuito Comprar agora

Teste o Tenable.io

GRÁTIS POR 30 DIAS

Tenha acesso completo a uma plataforma moderna de gerenciamento de vulnerabilidades baseada na nuvem, que permite que você veja e rastreie todos os seus ativos com uma precisão sem precedentes. Inscreva-se agora mesmo.

Comprar o Tenable.io

Tenha acesso completo a uma plataforma moderna de gerenciamento de vulnerabilidades baseada na nuvem, que permite que você veja e rastreie todos os seus ativos com uma precisão sem precedentes. Compre hoje a sua assinatura anual.

65 ativos

US$ 2.190,00

Compre já

Teste gratuito Comprar agora

Teste gratuitamente o Nessus Professional

GRÁTIS POR 7 DIAS

O Nessus® é o verificador de vulnerabilidades mais abrangente do mercado atualmente. O Nessus Professional ajudará a automatizar o processo de verificação de vulnerabilidades, economizar tempo nos seus ciclos de conformidade e permitirá que você envolva a sua equipe de TI.

Comprar o Nessus Professional

O Nessus® é o verificador de vulnerabilidades mais abrangente do mercado atualmente. O Nessus Professional ajudará a automatizar o processo de verificação de vulnerabilidades, economizar tempo nos seus ciclos de conformidade e permitirá que você envolva a sua equipe de TI.

Compre uma licença para vários anos e economize. Inclua o Suporte Avançado ao acesso do suporte por telefone, email, comunidade e bate-papo 24 horas por dia, 365 dias por ano. Detalhes completos aqui.

Teste gratuito Comprar agora

Teste o Tenable.io Web Application Scanning

GRÁTIS POR 30 DIAS

Tenha acesso completo à nossa oferta mais recente de verificação de aplicações Web desenvolvida para aplicações modernas como parte da plataforma do Tenable.io. Verifique com segurança por vulnerabilidades em todo o seu portfólio online com um alto grau de precisão sem grandes esforços manuais ou interrupção de aplicações Web críticas. Inscreva-se agora mesmo.

Comprar o Tenable.io Web Application Scanning

Tenha acesso completo a uma plataforma moderna de gerenciamento de vulnerabilidades baseada na nuvem, que permite que você veja e rastreie todos os seus ativos com uma precisão sem precedentes. Compre hoje a sua assinatura anual.

5 FQDNs

US$ 3.578,00

Compre já

Teste gratuito Entre em contato com o setor de vendas

Teste o Tenable.io Container Security

GRÁTIS POR 30 DIAS

Tenha acesso completo à única oferta de segurança de contêiner integrada a uma plataforma de gerenciamento de vulnerabilidades. Monitore imagens de contêiner por vulnerabilidades, malware e violações de segurança. Unifique sistemas de integração contínua e implantação contínua (CI/CD) para dar suporte às práticas de DevOps, reforçar a segurança e ajudar na conformidade com as políticas da empresa.

Comprar o Tenable.io Container Security

O Tenable.io Container Security habilita com perfeição e segurança os processos de DevOps ao fornecer visibilidade da segurança das imagens de contêiner, incluindo vulnerabilidades, malware e violações de segurança através da integração com o processo de compilação.

Saiba mais sobre o lndustrial Security

Receba uma demonstração do Tenable.sc

Insira suas informações no formulário abaixo e um representante de vendas entrará em contato assim que possível para agendar uma demonstração. Você também pode inserir um comentário breve (limite de 255 caracteres). Os campos marcados com asterisco (*) são obrigatórios.

Teste gratuito Entre em contato com o setor de vendas

Avalie o Tenable Lumin

GRÁTIS POR 30 DIAS

Visualize e explore sua Cyber Exposure, monitore a redução do risco ao longo do tempo e faça uma análise comparativa com outras empresas do mesmo setor com o Tenable Lumin.

Compre o Tenable Lumin

Entre em contato com um representante de vendas para ver como o Lumin pode ajudar você a obter informações sobre toda a organização e gerenciar o risco cibernético.

Solicite uma demonstração do Tenable.ot

Obtenha a segurança de que precisa para suas tecnologias operacionais
e reduza o risco.