Keeping our customers secure and compliant.
Ask us about NERC CIP 10-007
and 10-013 or any of our other
NERC NIST IEC NEI
CIP RMF 62443-3 08-09
With more than 16,500 Common Vulnerabilities and Exposures (CVE) published in 2018, it’s clear why keeping up with patches and updates can be time-consuming and disruptive to organizations, not to mention the NERC CIP requirements for the electricity industry. Add in the risk of operational down time to your business based on always changing vulnerabilities and the ROI associated with patching an asset is easy to see.
FoxGuard offers a comprehensive, risk-based suite of Vulnerability and Patch Management Solutions to overcome weaknesses and vulnerabilities that could allow security breaches in critical infrastructure markets. Our Patch & Update Management Program (PUMP) was the result of a four year cooperative project with the Department of Energy. Supporting IT and OT assets the program encompasses four steps in the patching process:
As we solved one challenge facing control system environments we could see the need for more.
So, we created more solutions. one source. many solutions.
FoxGuard has proven excellence in meeting NERC CIP compliance requirements by solving functional issues and security vulnerabilities. Our field experienced security experts have over one hundred and fifty years of patch management experience in OT and IT systems and plants. We understand the complexities of industrial control systems in critical infrastructure environments.
In a simplified, cost-effective, and timely fashion; facilitating a more secure environment with up-to-date and critical updates & patches – FoxGuard can centralize and ease your patch management burden.
Risk assessment begins with the identification of fixed and movable assets in an industrial control system or critical infrastructure market – experience shows that this includes both IT and OT assets. Uniquely identified assets based
on known identifiers and/or known information about assets specific to an environment plays an important role for an organizations’ ability to build a layered defense strategy.
where do you start?
FoxGuard Solutions has a team of engineers trained and ready to help you identify and create an inventory of your assets. Assets may include OT firmware, OT 3rd party applications, operating systems, network devices, field devices, and drivers.
Once the inventory has been outlined, it can be categorized by risk and assigned priority. Based on your maturity model, FoxGuard has a variety of solutions to ease the burden.
Patches and updates are necessary to help resolve security vulnerabilities and address
functional issues. While this process is labor and time consuming which requires the right technical knowledge, it is very necessary to lower mission risk. one source saves time and money.
Our proactive Risk-Intelligence helps organizations create a strategy for updating available patches and updates to reduce risks associated with known vulnerabilities for an asset. FoxGuard monitors industrial control systems (ICS) to provide monthly intelligence reports that track the release of cybersecurity patches specific to your environment. Additionally, our aggregated management of your patch monitoring simplifies the “source” requirements for your patch details, making it easier to handle your NERC CIP patching requirements.
Once there is an inventory of your specific assets, FoxGuard can continuously monitor this list to inform you when security patches are available and provide all of the necessary documentation defining how your IT and OT assets are impacted and can be protected.
Keeping your eyes on patches alone often is not enough. FoxGuard provides vulnerability notification intelligence informing you of an identified risk that has been disclosed but the patch has yet to be released. This gives you an opportunity to mitigate the risk before the vulnerability creates exposure to your critical assets.
Our Staff Augmentation step in the PUMP program provides the time, resources and necessary technical knowledge to help ease your Patch & Update Management burden. Patches and updates are designed to update, fix, or improve an asset. This includes fixing security vulnerabilities that could be leaving networks open to attack. Many organizations find this process to be a critical, time and labor intensive burden. One can simply drain valuable hours searching hundreds of websites, contacting vendors and showing due diligence.
Our Patch and Update Management Program, PUMP, includes services that augment your staff to help with:
ACQUISITION | VALIDATION | DEPLOYMENT | CYBER FLEET SOLUTION | PUMP
Patching in an industrial control system environment can have catastrophic effects because it can interrupt system processes. Patches and updates should go through rigorous testing in a simulated environment or representable hardware in a lab, or representative environment, with a comparison of performance before and after patch implementation. Only after a successful release in a virtual lab should it be released into production. Validation requires the right staff with the right aptitude in the right environment to safely and effectively test patches. This may require special equipment and the right insight to know how much and how deep to test each of your critical assets.
FoxGuard provides Validation services – we can replicate all or some of your environment in order to test in our secure virtual lab. If you aren’t familiar with validation best practices, we can teach you how to set up your own lab. Last, but certainly not least, we can come to your facility to help you build your own validation lab.
Once tested it will need to be decided whether the security risk outweighs the operational deployment risk.
Then one of two paths will be taken: DEPLOY OR NOT TO DEPLOY.
If you choose not to deploy, a mitigation plan should be created.
A diligent deployment process defends against malware, in-transit modification and corruption. Our engineers design a comprehensive, secure and easy-to-use patch deployment solution that In this day and age of mobile devices, our office can be anywhere and everywhere at the same time. There is a demand for portable devices that can connect quickly and effortlessly to networks. However the very thing that makes these devices portable also makes them vulnerable to network security breaches.
Our Cyber Fleet Solutions are designed to support organizations Transient Cyber Assets (TCA). As the NERC CIP requirements get broader around protecting TCAs, this solution is adaptable and able to protect this equipment. TCAs are vulnerable not only to software creep but also high cyber risk. They may have malicious code running in the background that is tasked to scour the network and infect additional systems.
FoxGuard provides an innovative solution that will secure your laptops and other portable devices. Our solution protects these assets by deploying a gold image on a monthly basis.
This gold image is updated to include OEM specific security patches and applicable operating systems, software and device drivers. Rest assured your fleet is protected.
Do you already have a workflow management or network monitoring tool? Want to integrate patch and update management data into your existing tool? we can do that. 3rd PARTY INTEGRATIONS.
We understand that you have invested time and money into training your team on the products you have. We want to be part of the solution to help decrease the workload. By feeding our patching data into your existing asset management, baselining and/or workflow/ticketing systems, you can use best-in-breed solutions to manage your environment in a streamlined, efficient manner.
At FoxGuard, your cyber-assets are matched against the industry’s leading patch and asset library. Once your assets are mapped to the library, FoxGuard will provide regular Patch Availability Reports detailing when each asset was checked for patches and what patches were found. Each report contains vital data to help determine applicability as well as links to evidence documentation of every patch check. We will work with your current vendor to ensure the data is in a consistent format they can consume.
MONITOR ONE SOURCE.
We ensure successful deliveries to domestic and international destinations and proper documentation to back up every regulatory mark on a system component. Our services cover the following areas of regulatory compliance for over 40 worldwide locations:
- Low Voltage
- Energy Efficiency
- Country of Origin
- Hazardous Substances
- Multilingual Labeling
- Energy Efficiency
- Document Translation
We maintain a database of over 40,000 regulatory certificates and reports covering thousands of parts, from adapters to industrial computers and peripherals provided by a network of over 250 manufacturers and suppliers. FoxGuard issues Regulatory Bulletins to alert manufacturers and suppliers of upcoming legislative changes and new documentation requirements.
The custom regulatory document packages provided to customer-specified sites are the result of design and pre-BOM reviews, quote reviews, and additional line-by-line reviews before an order is released for planning.
FoxGuard’s Customer Care Center (CCC) offers pass-fail results on regulatory compliance pre-submittal inquiries. If you need log-in information or instructions on the use of the CCC, please contact your FoxGuard Customer Account Representative or e-mail email@example.com.
By utilizing FoxGuard Solutions as your integrator, you avoid the time consuming process of information gathering and reduce your freight forwarder fees. With 40% of our orders shipped internationally, FoxGuard has a well-developed process to support our Customers with logistics and compliance.
- Determine the top level Bill of Material classifications associated with the HTS (Harmonized Tariff Schedule) codes and the ECCN (Export Control Classification Number) codes.
- Complete the export licensing determination process based on the ECCN code for each top level BOM in each shipment per the EAR (Export Administration Regulations).
- Determine country of origin information for top level BOMs included in each shipment.
- Evaluate each shipment to determine if an EEI (Electronic Export Information) filing will be required or if the shipment is eligible for an applicable EEI filing exemption per the FTR (Foreign Trade Regulations).
- Complete EEI filings in the AES (Automated Export System) and obtain the related ITN (Internal Transaction Number) numbers for shipments valued at over $2,500.00 per HTS code.
- Work with designated carriers to obtain the departure details necessary to complete EEI filings.
- Assist in managing shipment releases by providing FoxGuard generated packing slips and commercial invoices to Customer for approval, prior to the completion of final processing steps.
- Complete denied party screening on consignee information related to each shipment.
- Update commercial invoices and packing slips (as needed) to address Customer requests/needs.
- Update previously submitted EEI filings in the AES system if/when departure information changes, as required by U.S export regulations.
- When needed or as requested, assist Customer with customs clearance issues.
- Provide tracking number information for each shipment to the specified Customer contact.