PPC – Cyberwire – CIS Controls

Implementation Guide

The CIS Controls for ICS Cybersecurity

The CIS Controls are about getting cybersecurity done. This framework considers the factors of people, process and technology, and uses straightforward language to reflect that philosophy. Although these controls were originally developed by the Center for Internet Security (CIS) to guide enterprise IT cybersecurity and data protection, adoption among critical infrastructure companies is rapidly increasing because of increased cyber threats to industrial control systems (ICS).

This implementation guide adapts the CIS Controls for the unique needs of industrial control systems and offers helpful tips from ICS experts who have real-world experience using these controls in operational technology (OT) systems. This guide will help you to:

  • Prioritize implementation based on your organization’s business drivers
  • Emerging trends in the oil and gas industry
  • Evaluate the best way to implement the controls in an industrial environment

Download Guide

– Why Industrial Defender? –

Why Choose Industrial Defender for your Next ICS Security Project?

An Asset Centric Approach to Cybersecurity
Our single platform incorporates unique methods for OT endpoint data collection and normalization to tune out noise and provide the foundation for applying cybersecurity controls. Automated risk scoring tracks changes in OT assets, rather than only network changes, over time to quantify risk and help security teams prioritize what matters most. Passive, on-demand vulnerability monitoring tracks and audits installed software and firmware inventory and continuously checks for new vulnerabilities, plus available patches.
Actionable Data for IT & OT Teams
Security teams receive the data they really need, including how important an industrial device is, where it’s located, and who to call at the plant if anomalies are detected in that asset. API-enabled integrations with SIEMs deliver these insights to SOC teams in an intuitive way to reduce MTTR. Detailed OT endpoint data can also be fed directly into enterprise CMDBs to centralize asset inventory across the organization.
Automated Standards & Regulatory Compliance Reporting
Standardized policy management options and built-in reporting templates for standards, including the NIST Cybersecurity Framework and the 20 CIS Controls, let you create, deploy, and audit your risk management progress across control system environments. Integrations with business intelligence tools also deliver executive-level risk reporting for management.

– Solution Brief –

Safely Collect, Monitor & Manage OT Asset Data at Scale

Multiple vendor systems, geographically dispersed plants and hard-to-reach endpoints make it difficult to effectively monitor, manage and protect control system networks. Learn how our solution can help you solve these challenges.

Explore the benefits and use cases that our solution can help you with, including:

  • Creating a solid foundation to apply effective OT security controls using an asset-centric methodology
  • Mitigating cyber threats quickly with actionable security data from vulnerability monitoring
  • Enhancing IT and OT collaboration with seamless, API-enabled integrations
  • Automating standards and regulatory compliance with pre-built policies and reporting templates for standards such as NIST, NERC CIP, NEI and the NIS Directive.
View Solution Brief

Take a guided tour of the product with one of our knowledgeable staff members.

  • Real-time cyberattack detection and alerting
  • Vulnerability monitoring
  • Automated standards & compliance reporting

Request Your Demo