Cybersecurity Management Systems
By Jason McCroskey, I&C Engineer, Power
Have you seen USB ports on control system HMIs charging cell phones? Are you overdue on your quarterly operating system patches? Does it take more than an hour to recover critical cyber assets? Are you in need of accurate and flexible documentation practices and procedures?
If you answered yes to any of these questions, you may need to integrate a modern cybersecurity management system inside your Operational Technology (OT) network.
Have you seen USB ports on control system HMIs charging cell phones?
The USB port is a great feature of modern computers due to its accessibility and flexibility for users. However, due to features like “plug and play”, this port is highly vulnerable for introducing unwanted malware into the system. The famous Stuxnet worm was believed to have infiltrated the Natanz nuclear plant in Iran by a USB removable media device.
Modern cybersecurity management systems have the ability to control access to preapproved USB devices. Merrick can help implement a system where all these devices can be centrally managed to prevent accidental infections while increasing your network resiliency.
Are you overdue on your quarterly operating system patches?
Some control systems are still relying on older Windows XP computers to interface with PLCs. These assets are due for a complete upgrade and worthy of capital investment. Other systems may be using the latest major version of an operating system but haven’t received the latest patch. Software maintenance tasks of cyber assets are often pushed out due to the time required to patch and manage each device within the system. But what if there was an easier way?
Patch Management servers can be used to push out vendor approved patches to all your devices in a central location. Adding this feature to your cybersecurity management system can make your quarterly maintenance tasks more efficient, effective, and hopefully enjoyable.
Does it take more than an hour to recover critical cyber assets?
Imagine that it’s a Friday afternoon, and your flight is leaving in a few hours to start a five-day vacation. An operator tells you that the primary control system server has failed. Is everything backed up? How quick can you restore the failed asset? How frequent are the system backups for all your assets?
Implementing System Backup and Recover (SBR) software within your OT network can help automate your backup process. Restoring images on spare hardware is a quick and painless process. Ensure that this feature has been added to your cybersecurity management system today!
Are you in need of accurate and flexible documentation practices and procedures?
Cyber assets operating on the North American Bulk Electric System must comply with NERC CIP standards. Yet, it is very common that these records are not 100% accurate. This can be due to the nature of change regarding cyber assets. Your company’s documentation practices might not be flexible enough to capture the amount of change that may occur on an OT network.
A centralized portal can collect the most accurate network configuration at a click of a button. In addition, this system can poll all OT endpoint devices and produce reliable reports for NERC CIP audits. Leave the heavy lifting to your cybersecurity management system and make yourself more productive for other tasks.