NERC CIP Bootcamp Giveaway – Enter to Win!
Support

SOLUTIONS

OT Asset Management
Configuration & Change Management
Policy Compliance
Vulnerability Management

PLATFORM

Industrial Defender Platform
Phoenix for SMBs
Services
Partners

INDUSTRIES

Power
Oil & Gas
Water
Manufacturing
US Government
See all

RESOURCES

Blog
Podcast
Resource Library
OT Cybersecurity Risk Assessment Calculator
Innovations by Industrial Defender
FAQ

COMPANY

About Us
How We Compare
Team
Events
Press
Careers
Contact Us

SUPPORT

REQUEST DEMO

No items found.

Ways Asset Management Can Help Reduce Cyber Risk

Industrial Defender Staff
December 16, 2024

With the complexity and strict requirements of ICS/OT environments, it is often difficult to ascertain where cyber risks can be lurking. This is why comprehensive asset management is crucial for OT (operational technology) security. This past week we sat down with Greg Valentine to discuss the numerous merits of asset management and to help decipher how it can be the first step in your cybersecurity journey.

Greg is the Senior VP of Solution Engineering at Industrial Defender, he currently has 20 years of cybersecurity experience with the last 10 being focused on the OT cybersecurity world. Greg holds both a CISSP and a GRID certificate. He is also a member of the GIAC Advisory Board.  

In what ways does asset management reduce OT cyber risk?

There is an old saying that people are tired of hearing…. 'How can you protect what you don’t know about?'  It is a simple truth though. The better way to think about this would be to acknowledge that every OT company really needs to have an asset inventory of their devices on the OT network.  Once you have obtained this vital information, you can begin to build more sophisticated security programs, but if you don’t know what firmware versions all of your PLCs are running, or what all of your firewall rules are then it you just aren’t as ‘aware’ of what issues you may have in your infrastructure day in and day out.”

What is asset management and why is it relevant today?

“I divide asset management into three phases:

1. Discovery

  • This is the ability to discover, or learn about all of the devices on your OT network. A good solution will be able to tell you the OEM vendor, the IP address, MAC address, type of device (Workstation vs. PLC, etc.),

2. Inventory

  • A good asset management system will automatically collect key configuration data from the device you want to monitor.  The collection occurs automatically.  Nobody has to do a thing.
  • The type of information collected depends on the type of device that it is monitoring of course but it should include attributes such as Firmware, OS Version, Network configuration details, a list of patches, a list of applications (and version numbers), local user accounts, firewall rules,  and all open IP ports on the system (including what process is holding open each port).

3. Management

  • The asset management solution needs to be able to maintain the history of all of the device configuration collections.  This will provide rich data for trend analysis, reporting and compliance reporting.  To be able to see what is different between any two days is really important so that you have a true understanding of what is going on in your OT network.”

What would you say are some core requirements of a good asset management solution?

“I believe that a good asset management system should be capable of discovering devices on the local network(s) that it is monitoring, collect relevant configuration data for the devices that the company wants to collect data from, and then automatically monitor those devices to detect if/when anything is changed.  The change includes new devices showing up on the network as well as changes to the configurations of the devices that are automatically being monitored. All ‘good’ asset management solutions should be able to collect data from every device on the OT network.  This includes PLCs, RTUs, Switches, Firewalls, and workstations/servers. Once a device has been determined that the company wants to monitor that device, a good solution will perform all of the above automatically.  In other words, every day a new collection will occur (without a user having to do anything).  Once the collection occurs, the solution will analyze the results to see if anything has changed to that configuration.  If it has, then the solution should be capable of notifying the proper personnel about that change. Bonus points if the solution maintains that daily history of configuration collections over time.  This will allow the company to generate some interesting reports, including compliance reports.  For some companies, this could be the main driver for the whole selection process.”

Greg emphasized that strong OT asset management allows you to build a strong foundation of OT security. Without the fundamental knowledge of what you are operating and protecting, you run the risk of being unable to defend yourself against hidden threats in your environment. This is why truly understanding your OT environment is so crucial, Industrial Defender aims to reduce cyber risk to critical infrastructure and industrial sectors

For more information on how Industrial Defender can help you achieve your OT security and compliance goals, check out our OT asset management resource below.

Solution Brief: Safely Collect, Monitor & Manage OT Asset Data at Scale

View Resource

Stay up to date.

Sign up for our newsletter to receive the latest
Industrial Defender news, updates and content.

SOC 2® Type II Certified
PRODUCTS
Industrial Defender PlatformImmunity by IDBuilding DefenderRTAP
SERVICES
Cyber Diligence ServiceCopilOT ServiceTMCommissioningSupportTrainingSustain
SOLUTION BY TYPE
OT Asset ManagementVulnerability ManagementSecurity Event MonitoringCompliance Reporting
SOLUTION BY FUNCTION
SecurityComplianceOperationsExecutive
SOLUTION BY INDUSTRY
Building AutomationChemicalElectricFederal GovernmentFood & AgricultureMaritimeMetals & MiningOil & GasPharmaceuticalsRailWater
RESOURCES
Resource CollectionDefenderSphereIT-OT Integration LabOT Cybersecurity Risk CalculatorInnovations by ID
COMPANY
About UsHow We CompareTeamEventsPressCareersContact Us