|Innovating The Next Big Thing||May 23, 2013|
McAfee Blogs: ICS-CERT Validates the Threat, PNNL Validates the Cure
Jul 9, 2012 – Eric Knapp
The ICS-CERT recently released the “ICS-CERT Incident Response Summary Report,” which quantifies known industrial control system cyber security incidents from 2009 to 2011. The report offers a very useful summary of threats, and provides some eye-opening metrics. One finding across all reported incidents was that “an organization’s technology can result in cyber security gaps,” which are the result of—not surprisingly—the lack of a security management framework, and the lack of adequate patch management policies to ensure that security controls are up-to-date and able to protect against new exploits. Some other interesting conclusions include:
It’s encouraging how well these findings map to McAfee’s “Secure Connected” strategy, which combines a variety of security controls into a larger framework for centralized threat detection and policy management—and even more so to McAfee’s strategy for securing Critical Infrastructures. Critical infrastructure cyber security involves a few key products that have been tailored for industrial control systems and that, when used together under the Secure Connected framework, provide a reliable solution for ICS cyber security. One of these keystone products is Application Control, which provides application whitelisting and change control for endpoint protection. Whitelisting is a useful technology in ICS because it addresses the unique challenges of patch management in a control environment, where uptime is the single most important consideration.
The applicability of whitelisting was recently confirmed by an assessment of McAfee Application Control, Change Control and Integrity Control by the Pacific Northwest National Labs (PNNL).
The PNNL report also highlights the importance of a security management framework as a critical component of a cyber security plan. “PNNL’s assessment … provides very high assurances (in many cases absolute assurance), that the software executables, configurations, processing environments, and external data communications endpoints possess the highest level of platform protection available for ICS environments today. Many challenges related to technical security requirements, ranging from best practice to regulatory, can be mitigated with a diligent application of this technology.”
The key is the framework, which creates a whole that is greater than the sum of its parts. For example, consider another finding of ICS-CERT: “Properly developed and implemented detection methods are the best strategy to quickly identify and implement a mitigation and recovery procedures … 10 [out of 17] organizations could have detected the incident by using ingress/egress filtering of known bad IP addresses or domain names.” So connect McAfee’s Global Threat Intelligence to the SIEM and instantly see all activity to pinpoint actions involving known bad actors.
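The detection ICS-CERT describes, matching ingress and egress traffic against known bad IP addresses and domain names, can be sketched as follows. This is an added illustration, not code from the post, ICS-CERT, or any McAfee product; the threat feed, the control-network range, the key=value log format and every address in it are constructed assumptions.

```python
import ipaddress

# Constructed threat-intel feed (documentation address ranges, reserved TLDs).
BAD_NETWORKS = [ipaddress.ip_network(n) for n in ("203.0.113.0/24", "198.51.100.77/32")]
BAD_DOMAINS = {"bad-updates.example", "c2.invalid"}

# Assumed address space of the control network.
ICS_NETWORK = ipaddress.ip_network("10.20.0.0/16")

# Constructed firewall / DNS log lines in a hypothetical key=value format.
SAMPLE_LOG = """\
ts=2012-07-09T10:00:01Z type=conn src=10.20.1.15 dst=192.0.2.10 dport=443
ts=2012-07-09T10:00:05Z type=conn src=10.20.1.15 dst=203.0.113.45 dport=8080
ts=2012-07-09T10:00:09Z type=dns src=10.20.3.7 query=cdn.bad-updates.example
ts=2012-07-09T10:00:12Z type=dns src=10.20.3.7 query=notbad-updates.example
ts=2012-07-09T10:00:20Z type=conn src=198.51.100.77 dst=10.20.0.5 dport=502
"""

def parse_line(line):
    """Split 'k=v k=v ...' into a dict."""
    return dict(field.split("=", 1) for field in line.split())

def bad_ip(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in BAD_NETWORKS)

def bad_domain(name):
    # Match a listed domain or any of its subdomains, on label boundaries only,
    # so 'notbad-updates.example' does not match 'bad-updates.example'.
    labels = name.lower().rstrip(".").split(".")
    return any(".".join(labels[i:]) in BAD_DOMAINS for i in range(len(labels)))

def find_hits(log_text):
    """Return (timestamp, direction, src, dst-or-query) for each match."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec.get("type") == "dns" and bad_domain(rec["query"]):
            hits.append((rec["ts"], "egress-dns", rec["src"], rec["query"]))
        elif rec.get("type") == "conn":
            src_inside = ipaddress.ip_address(rec["src"]) in ICS_NETWORK
            remote = rec["dst"] if src_inside else rec["src"]
            if bad_ip(remote):
                direction = "egress" if src_inside else "ingress"
                hits.append((rec["ts"], direction, rec["src"], rec["dst"]))
    return hits

if __name__ == "__main__":
    for hit in find_hits(SAMPLE_LOG):
        print(*hit)
```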