Source: Lindsey Hale, Program Manager
FoxGuard Solutions, Inc. is working with the National Cybersecurity Center of Excellence (NCCoE) located in Gathersburg, MD on their Energy Sector Asset Management (ESAM) Project and Use Case to develop practical, inter operable cybersecurity approaches that address the real-world needs of complex Operational Technology (OT) / Industrial Control Systems (ICS) environments. By accelerating dissemination and use of these integrated tools and technologies for protecting OT/ICS assets, the NCCoE will enhance trust in U.S. IT communications, data, and storage systems; reduce risk for companies and individuals using IT systems; and encourage development of innovative, job-creating cybersecurity products and services.
Also participating in the project are ForeScout Technologies, Tripwire, Dragos, Splunk, KORE Wireless, TDi Technologies and Veracity Industrial Networks. The collective efforts from the collaboration with these companies and the NCCoE will result in a publicly available NIST Cybersecurity Practice Guide that will document best practices form the energy sector on how to effectively identify, manage, monitor and control their operational technology (OT) assets.
The project aims to address the following features of asset management:
- Asset Discovery: establishment of a full baseline of physical and logical locations of assets
- Asset Identification: capture of asset attributes, such as manufacturer, model, operating system, internet protocol (IP) addresses, media access control addresses, protocols, patch-level information, and firmware versions
- Asset Visibility: continuous identification of newly connected or disconnected devices, and IP (routable and non-routable) and serial connections to other devices
- Asset Disposition: the level of criticality (high, medium, or low) of an asset, its relation to other assets within the OT network, and its communication (to include serial) with other devices
- Alerting Capabilities: detection of a deviation from the expected operation of assets
- Kickoff Meeting – June 2018 – COMPLETE
- Build Architecture Draft – July 2018 – IN PROGRESS
- Draft Practice Guide – February 2019
- Tentative Draft Public Release for Public Comment – April 2019
Expected Industry Benefits
- Reduce cybersecurity risk and reduce impact to safety and operations
- Development of an executable strategy that provides continuous OT asset management and monitoring
- Faster response to security alerts/attacks/events through automation
- Cybersecurity standards and best practices, while maintaining the performance of energy infrastructures
Interested in learning more?
Engage with the NCCoE and follow the collaboration through the official project web page.
Note: NIST does not evaluate commercial products under this Consortium and does not endorse any product or service used. Additional information on this Consortium can be found at https://www.nccoe.nist.gov/projects/use-cases/energy-sector/asset-management
You can also find the full Energy Sector Asset Management Project description here:
WANT TO LEARN MORE ABOUT PATCH MANAGEMENT?
FoxGuard provides a wide range of patch management solutions that help entities identify and mitigate gaps in the security of their systems and prepare for NERC CIP audits. We host a webinar series to discuss ways to develop and implement a robust patch management program. Reserve your spot in our next session.
If you want to discuss something specific, we will do that too! Just reach out, tell us what your challenges are, and we will have one of our security experts contact you.