Support Site

News

Configuration Port in the Cybersecurity Strategy

by

Having a configuration port cybersecurity strategy for critical and non-critical cyber assets is important but often overlooked in the overall cybersecurity strategy. Virtually all electronic devices with communication capability have configuration ports, and these ports present an extremely high set of privileges that can be used to change almost anything on the target device. Failing to secure these ports results in a significant security risk.

Unfortunately, configuration port security is a commonly misunderstood area of cybersecurity. Security guidelines often provide broad statements such as “all ports should be either secured or disabled,” which obviously includes configuration ports. However, configuration ports should not be disabled as they are the default emergency access point for every IT and OT asset. Instead, they must be effectively secured.

View Configuration Monitoring Datasheet
View Configuration Monitoring NERC CIP 010 Datasheet

 

 

TDi CEO Joins Panel with NIST at GridSecCon 2018 Training Days

by

October 16th |Training Track 3A: Asset Management for Energy Provider | NIST NCCOE

Half-day Session – 8:00am – 12:00pm

Description: Monitoring and managing operational technology (OT) assets is an essential component of protecting the nation’s critical infrastructure from cyber attacks. To properly assess cybersecurity risk within the OT network, energy providers must be able to identify and maintain a complete and accurate view of their OT assets, especially the most critical.

The National Cybersecurity Center of Excellence, a part of the National Institute of Standards and Technology (NIST), in collaboration with members of the energy community and cyber security technology providers, is working on an OT asset management example solution to address this complex challenge. This project will result in a NIST cybersecurity practice guide (Special Publication 1800 series) that shows how commercially available products can be used to create an example solution for electric utilities and for oil and gas companies to effectively track and manage their assets. The guide will be released in March 2019.

Join security engineers from the NCCoE at NIST, alongside the projects’ leading collaborators, for a detailed description of this project and other ICS Cybersecurity projects. The panel will share their expertise and best practices on asset management for the energy sector, as well as their current efforts in documenting and implementing methods for managing, monitoring and baselining assets and information to help identify potential threats to OT assets.

 

 

NCCoE and Industry Collaborate to Secure Property Management Systems for the Hospitality Sector

by

CryptoniteNXT, ForeScout, Häfele America, Remediant, StrongKey, and TDi Technologies have joined the National Cybersecurity Center of Excellence (NCCoE) as technology collaborators in the Securing Property Management Systems project.* In response to a call in the Federal Register, these companies submitted capabilities that aligned with desired solution characteristics listed in the project description. The technology collaborators were extended a Cooperative Research and Development Agreement (CRADA; see example) enabling them to participate in a consortium where they will contribute expertise and hardware or software to help refine a reference design and build an example standards-based implementation. This collaboration will result in a publicly available Cybersecurity Practice Guide (NIST Special Publication 1800 series) that will document a reference design for hospitality organizations to improve the cybersecurity within and around a property management system (PMS).

Increasing Reliance on Technology in the Hospitality Sector

The role of technology in the hospitality industry is growing rapidly, and the PMS is increasingly integrated with systems and services that extend well beyond front desk operations. As the operations hub, the PMS interfaces with services and components within a property’s IT systems, such as Point-of-Sale systems, door locks, Wi-Fi networks, and other guest service applications. Adding to the complexity of connections, external business partners’ components and services are also typically connected to the PMS, such as on-site spas or restaurants, online travel agents, and customer relationship management partners or applications. This expanding PMS ecosystem provides a wider attack surface for vulnerabilities to be exploited by malicious actors. Improper configuration of the diverse applications that connect to or run through a PMS can create cybersecurity vulnerabilities.

Advancing the State of Cybersecurity for Hospitality Organizations

The NCCoE is working closely with the hospitality business community, managed security service providers, and cybersecurity technology vendors to develop a standards-based reference design that aims to advance the cybersecurity of property management systems and to demonstrate:

  • system protection and authentication with enforcement that will help prevent damage to PMS functionality and security
  • data protection and encryption to reduce the risk of a data breach of guest payment card information or personally identifiable information, and to protect the confidentiality and integrity of system data
  • auditing and analytics such as complete, real-time auditing and reporting of user activity

In partnership with technology collaborators, the NCCoE will build the reference design in a lab environment. The following diagram depicts the reference design’s high-level architecture.

The reference design will use commercially available products from the project’s technology collaborators—CryptoniteNXTForeScoutHäfele AmericaRemediantStrongKey, and TDi Technologies—along with open source products.

How to Participate

Interested parties are encouraged to engage with us through our project web page.

If you have additional comments, questions, or would like to join the Community of Interest helping to guide this project and provide feedback, please email us at hospitality-nccoe@nist.gov.

*Certain commercial entities, equipment, products, or materials may be identified to describe an experimental procedure or concept adequately. Such identification is not intended to imply recommendation or endorsement by NIST or NCCoE, nor is it intended to imply that the entities, equipment, products, or materials are necessarily the best available for the purpose.

The Real-Time Benefit of Persistent Monitoring vs Polling

by

Persistent Monitoring Benefits

Many of today’s monitoring solutions depend on polling at predefined intervals, using agents that are only capable of responding when the operating system and network stack are functioning normally. Because polling many systems frequently can be resource intensive, polling intervals are commonly 10 to 20 minutes or even longer, which can result in delayed problem detection.

When an operating system fails, polling solutions depend on time-outs to alert the user that an application or device is down. It often takes more than one polling cycle to generate a problem notification, and warning events that occur between polls may be detected too late to prevent failures.

While decreasing the polling interval may help a little, the cost would be more network traffic and more CPU utilization on the monitored system.

The ConsoleWorks answer to this challenge is Persistent Monitoring. ConsoleWorks monitors the hardware management interfaces, such as serial console, iLO, Baseboard Management Controller, etc. constantly and in real time. Advanced warning error messages are received, immediately identifying the root cause and allowing administrators to address problems before they become failures.

Anticipating and addressing problems before they occur and identifying them instantly in real-time results in improved system oversight and a significant reduction in mean-time-to-repair.

TDi Sponsors CREDC | Offers Free Use of ConsoleWorks for R&D Programs

by

CREDCTDi is lead sponsor at the 2018 CREDC Industry Workshop being held on September 12-13 at the MIT Samberg Conference Center. Cyber Resilient Energy Delivery Consortium (CREDC) is a five-year, $28.1 million research and development initiative that is funded by the Department of Energy and is focused on cybersecurity and cyber-resiliency of energy delivery systems for the electric power and oil & gas industries. This effort builds on the success of the preceding Trustworthy Cyber Infrastructure for the Power Grid (TCIPG) consortium.

The program features invited speakers and panelists from industry, national labs, and government agencies that focus on emerging and critical topics in EDS cybersecurity and cyber resiliency, a CREDC research poster session, and networking opportunities. Participants will have an opportunity to engage with CREDC researchers, to learn about research, development, & technology, and to have an impact on current research and future research plans.

As part of the program, TDi Technologies is offering the use of the ConsoleWorks Platform at no charge, for use in the R&D programs.

About CREDC
The Cyber Resilient Energy Delivery Consortium (CREDC) is a five-year, $28.1 million research and development initiative that is funded by the Department of Energy and the Department of Homeland Security. Research is focused on cybersecurity and cyber-resiliency of energy delivery systems for the electric power and oil & gas industries. Consortium partners include: University of Illinois at Urbana-Champaign, Argonne National Laboratory, Arizona State University, Dartmouth College, the Massachusetts Institute of Technology, Old Dominion University, Oregon State University, the Pacific Northwest National Laboratory, Rutgers University, Tennessee State University, the University of Houston, and Washington State University. CREDC builds on the success of the preceding Trustworthy Cyber Infrastructure for the Power Grid (TCIPG) consortium. For more information about CREDC, visit http://cred-c.org.

Simplifying Management of IT/OT Environments

by

One of the keys to more efficient management of IT/OT environments is to always seek to simplify the management and support processes – that is, to simplify the work we do. One of the most effective ways to simplify work is to automate processes whenever that is feasible.

ConsoleWorks simplifies IT/OT workload with one system one method and one practice. By simplifying the daily work of IT/OT, ConsoleWorks reduces costs, lessens the risk of human error, and it increases the agility of the entire organization. Work becomes streamlined and more productive. ConsoleWorks automates repetitive tasks and retains the domain knowledge needed to keep the IT/OT environment fully operational.

This recorded ConsoleWorks product demonstration highlights the ability of ConsoleWorks to automate the manual process of connecting to privileged interfaces in the IT infrastructure – thereby speeding up work, reducing training cost, and increasing agility.

With ConsoleWorks, you still need all this information to access these devices, but you only need it one time. The information is securely stored for future use by ConsoleWorks when connecting to these interfaces and may only be accessed by users with the necessary level of privilege. Enter it once; use it forever.

That’s how ConsoleWorks keeps things simple.

 

Management of IT/OT ConsoleWorks Platform

We can help

Reach out today, and we'll talk through how we might be able to help!

Contact us