Support Site

Compliance

ConsoleWorks | Automated Patch Analysis Process

by

Available Q2 2018

The new, Automated Patch Analysis Process from ConsoleWorks will be applicable to various IT/OT patching processes including, PCI-DSS, NIST 800-53, HIPAA, NERC CIP and others.

Automated Patch Analysis Process Use Case: NERC CIP-007-6/R2

NERC CIP-007-6 / R2 requires a patch management process for tracking, evaluating, and installing cybersecurity patches for applicable Cyber Assets, including device drivers. Many utilities see this is a grueling task, requiring many, many man-hours to meet the “every 35-day analysis” required by NERC CIP.

Many utilities are in various stages of implementation of an effective solution with most relying on a manual update of a database, or spreadsheet, that contains the latest patch versions entered for each asset. Traditionally, the asset information has been manually gathered and manually entered since these approaches are disconnected from the assets. These and other manual approaches not only result in inconsistencies and errors, but are enormously labor intensive.

The ConsoleWorks Automated Patch Analysis solution greatly simplifies the process of gathering the information required for patching IT and OT devices – beyond the HMI.

For meeting NERC CIP compliance, ConsoleWorks establishes a secure access to access all devices and then is configured via a schedule to perform the patch analysis every 35 days, keeping a log, for audit purposes, of when the analysis was run. Once the current patch state is gathered by ConsoleWorks, ConsoleWorks can integrate with industry or custom solutions to assist in automating the patch gap analysis. In these cases, ConsoleWorks sanitizes, anonymizes, and encrypts the data before initiating the secure transfer of the collected device information.

After the initial collection is sent, ConsoleWorks can be configured to continually monitor for the patch gap analysis results. When available, ConsoleWorks automatically downloads and processes the results, using ConsoleWorks Events as an indication to the user when patches are available. Event Severities further indicate whether an available patch is a security patch.

Finally, ConsoleWorks produces dashboard report views to organize and communicate the current patch state. ConsoleWorks presents a summary report containing information on patch gaps that may exist for each asset, including links to any available patch for downloading directly from the vendor site.

At this point, a utility will evaluate the available security patch for applicability and make the decision to install the patch or initiate a mitigation plan. ConsoleWorks’ integration with workflow management solutions enables utilities to further automate the patching and mitigation processes as required by NERC.

 

 

The patch analysis features will be available in ConsoleWorks in Q2, 2018, and are part of a larger cybersecurity and operations platform solution addressing IT/OT patching processes for PCI-DSS, NIST-800-53, HIPAA, NERC CIP V6 ( CIP-005, CIP-007, CIP-010, and CIP-013) requirements for Secure Remote Access, Asset and Configuration Monitoring, Endpoint Password Management, Logging and Situational Awareness and Supply Chain.

 

Webinar: Supply Chain Security

by

Cybersecurity Supply Chain Security: What Can Be Expected From CIP-013-01?

TDi Technologies and Archer Security Group teamed for this cybersecurity supply chain security webinar offering potential solutions for ensuring a secure supply chain in Energy companies.  Cybersecurity risks exist throughout all aspects of a utility company. The threats are real and the potential attacks are largely unpredictable. There have been several real-world examples over the years of security attacks coming in the form of malware being embedded in products purchased, software installed, access given to aid in the deployment of new systems and poor security requirements stemming from the procurement of solutions.

In the very near future, registered utilities will need to address the mandatory requirements in NERC CIP Standards – CIP-013-1.

This new requirement introduces 4 key requirements:

1) Software integrity and authenticity
2) Vendor remote access
3) Information system planning
4) Vendor risk management and procurement controls

This webinar explores these 4 key requirements and the potential solutions that would be expected of your organization to satisfy compliance and, more importantly, support a more secure supply chain for your organization.

PDF of Slides

Other Collaborations with Archer Security Group

ConsoleWorks and FoxGuard Team-Up to Provide Patch Gap & Update Management

by

The new product offering for patch gap and update management, being marketed by FoxGuard Solutions is a result of a multi-year project and a $4.3 million Cooperative Agreement awarded in 2013 from the U.S. Department of Energy’s Cybersecurity for Energy Delivery Systems (CEDS) division.

FoxGuard Solutions leveraged the ConsoleWorks Platform along with their own technologies to develop a solution to help companies identify and mitigate gaps in the security of their systems for IT & OT assets.

The ConsoleWorks Platform can determine the current patch level across all assets. FoxGuard extended the capability to determine which patches are security related and the priority level. By analyzing the relationships between packages, updates, and dependencies, FoxGuard’s Patch Gap product can lay out the shortest, most secure, and safest path for a cyber asset.

ConsoleWorks takes the results generated by FoxGuard and produces simplified yet comprehensive dashboards and associated reports of the current patch situation – across all assets. The simplified view enables companies to assess risk according to their management policies and adhere to compliance and security priorities.

FoxGuard Solutions was tasked with researching, developing, and demonstrating technology and techniques to identify and verify the integrity of updates and patches for energy delivery systems software, hardware and firmware, while also facilitating the deployment of those updates.

Key Elements:
• Patch & Update Data Aggregator & Web Portal
• Patch & Update Authentication
• Validation Techniques
• Query Engine

The Patch and Update Management Program simplifies the process of understanding what patches are available for energy delivery industrial control system devices for both end users and equipment vendors, while also simplifying the ability for a utility to adhere to NERC CIP v6 requirements involving patching, ultimately leading to a safer grid. Read press release.

   

 

FoxGuard Solutions, Inc. and Partner TDi Technologies Unveil Joint Solution for U.S. Department of Energy’s Cybersecurity for Energy Delivery Systems

by

CHRISTIANSBURG, Va. July 13, 2017 – FoxGuard Solutions, Inc. and partner TDi Technologies recently completed a multi-year project to create a safer national power grid by simplifying the process of patching and updating energy delivery control system devices. The solution is the result of a $4.3 million Cooperative Agreement awarded in 2013 from the U.S. Department of Energy’s Cybersecurity for Energy Delivery Systems (CEDS) division.

“This is exactly why FoxGuard Solutions exists and this is where our team excels,” FoxGuard President & CEO, Marty Muscatello, said. “The solution developed comprises several elements that can each stand alone to improve security posture and, when integrated, provide a comprehensive solution to meet energy sector patch and update needs.”

Believing the nation’s security, economic prosperity, and the well-being of its citizens depends on reliable energy infrastructure, the DOE solicited FoxGuard Solution’s expertise to develop the patch and update management project for energy delivery systems. The energy sector places an emphasis on the availability and reliability of energy delivery operations. While best practice avoids the connection of energy delivery system devices to external networks, their increasing interconnectivity poses greater risk to cyber vulnerabilities, making proper and timely patches and updates critically important to maintaining system cybersecurity.

FoxGuard Solutions was tasked with researching, developing, and demonstrating technology and techniques to identify and verify the integrity of updates and patches for energy delivery systems software, hardware and firmware, while also facilitating the deployment of those updates.

Key Elements:
• Patch & Update Data Aggregator & Web Portal
• Patch & Update Authentication
• Validation Techniques
• Query Engine

The Patch and Update Management Program simplifies the process of understanding what patches are available for energy delivery industrial control system devices for both end users and equipment vendors, while also simplifying a utilities adherence to NERC CIP v6 requirements involving patching, ultimately leading to a safer grid.

About FoxGuard Solutions, Inc.
FoxGuard Solutions develops custom cyber security, compliance and industrial computing solutions. FoxGuard provides reliable, secure and configurable patch management reporting services, which include availability reporting and applicability analysis for information technology (IT) and operational technology (OT) assets used in critical infrastructure environments. Visit foxguardsolutions.com to learn more.

About TDi Technologies
TDi Technologies, based in Plano, TX, is the first solution provider to offer a unified system for cybersecurity/operation. Their patented technology provides flexibility, automation, optimization, control and management capabilities that dramatically improve the ability to meet operation and security demands. Visit tditechnologies.com to learn more.

About U.S. Department of Energy’s Cybersecurity for Energy Delivery Systems
In today’s highly interconnected world, reliable energy delivery requires cyber-resilient energy delivery systems. In fact, the nation’s security, economic prosperity, and the well-being of our citizens depends on reliable energy infrastructure. As such, a top priority for the Office of Electricity Delivery and Energy Reliability (OE) is to make the nation’s electric power grid and oil and natural gas infrastructure resilient to cyber threats. Visit energy.gov to learn more.

For Sales Inquires Contact FoxGuard.

Media Contact
Marcie Killen
Marketing Manager
p. 540.382.4234 x152

Webinar: ConsoleWorks | Archer Security Group

by

The 6 Areas Where a Centralized Access Management Approach Can Simplify Compliance Coverage

When researching solutions to address security and regulatory compliance, many utility organizations find themselves acquiring a number of point tools to address the various security/compliance gaps. This webinar recording will discuss how a centralized access management approach can simplify adherence to security and compliance by investigating its value and compliance coverage across both IT and OT devices for interactive access and authentication, password management, asset management, configuration monitoring, logging across various applications and devices, and patch gap analysis.

Other Collaborations with Archer Security Group:

 

Centralizing Identity and Access Management in Energy Companies

by

Over the last several months, TDi Technologies has been working closely with the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) on an Energy Sector Asset Management Project (ESAM).

As the country’s national lab for cybersecurity, the NCCoE brings together people from industry, technology companies, government agencies, and academia to collaborate on applied cybersecurity to address broad challenges of national importance.

I’m excited to share that the NCCoE has just released a draft guide of this cybersecurity project, titled Identity and Access Management. The guide shows how utilities can control physical and logical access to resources across the enterprise using standards, best practices, and commercially available products. The draft is available for download on the NCCoE website, and they are seeking feedback on it.

The U.S. Department of Homeland Security reported that five percent of the cybersecurity incidents its Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) responded to in 2014 were tied to weak authentication, while four percent were tied to abuse of access authority.

The NCCoE worked with technology vendors like TDi to develop an example solution demonstrating a centralized identity and access management system that would make changing or revoking privileges simple and quick. The step-by-step guide, which is modular and suitable for organizations of all sizes, also maps security characteristics to guidance and best practices from NIST and other standards organizations, and to North American Electric Reliability Corporation’s Critical Infrastructure Protection standards.

This practice guide can help energy companies reduce their risk by showing how commercially available technologies, like ConsoleWorks,* can be used to control access to facilities and devices from a centralized platform. The NCCoE and we think the guide helps meet a critical cybersecurity need, but we’d like to hear from you. Download the guide and provide your thoughts on the NCCoE website.

* While the example solution uses certain products, including ConsoleWorks, the NCCoE does not endorse these products in particular. The guide presents the characteristics and capabilities of those products, which an organization’s security experts can use to identify similar standards-based products that will fit within with their organization’s existing tools and infrastructure.

We can help

Reach out today, and we'll talk through how we might be able to help!

Contact us