SecurityMatters is now part of Forescout
SecurityMatters is now part of 
Forescout

SilentDefense Wins 2019 Engineers’ Choice Award for OT/ICS Cybersecurity

by Erin Anderson

The 32nd annual Control Engineering Engineers’ Choice Awards shines a light on industry leaders in control, instrumentation, and automation products and highlights engineers’ favorites, as chosen by the Control Engineering print and digital audience. A total of 102 finalists from across 26 categories were listed on the ballot this year, and automation professionals from Control Engineering’s subscriber lists voted for the products that they felt were the most exceptional based on technological advancement, service to the industry, and market impact. We’re proud to announce that Forescout’s network monitoring and situational awareness solution, SilentDefense, has won the 2019 Engineers’ Choice Award in the Industrial Cybersecurity category.

Largest NERC CIP Fine to Date: What You Need to Know

by Brandon Workentin

The North American Electric Reliability Corporation (NERC) announced the largest public NERC CIP fine ever given, with a $10 million fine levied in response to 127 separate violations across an organization. As is normal, NERC did not identify the organization involved, although the language in the Notice of Penalty (NOP) makes it clear that the single organization represents multiple individual companies across various NERC regions. The violations encompass each of the CIP standards, but almost all of the violations were self-reported by the entity, with only 13 of them being discovered during Compliance Audits. The self-reports were submitted beginning in 2015 and continuing through 2018. Some of the penalties were related to not identifying assets which should have been subject to the CIP standards. For example, there were violations for not identifying and categorizing assets correctly, and then also violations for not including those assets in Disaster Recovery Plans or baseline configurations.

A Solution to the Complex Challenges Faced by Utility OT/ICS Networks

by Brandon Workentin

Protecting our electric grid from the growing number of cyberthreats is critical to keep society functioning. Most utility industrial control systems (ICS) were originally designed using local area networks (LAN) that weren’t connected to any Internet-facing devices. Although this didn't guarantee complete security, it did create an “air gap” by physically separating the devices from other Internet-connected devices. Now, the demand for increased efficiency and remote monitoring capabilities has required these once isolated networks to be integrated with other Internet-facing networks. These new smart grid technologies expose these networks to a growing number of malicious actors targeting ICS for financial gain or nation-state objectives.

Discovering and Defending Against Vulnerabilities in Building Automation Systems (BAS)

by Dr. Daniel dos Santos

As discussed in previous posts on our blog, securing building automation systems (BAS) has been an active area of research at SecurityMatters (now Forescout) for the past couple of years.

Join the conversation