We are pleased to publish links and white papers from solutions providers, these are sponsored to help cover our costs but selected because of their genuine interest and application to the energy sector.
Siemens and Cyber Security
Siemens strengthens its customers’ industrial cyber defences with built-for-purpose hardening and monitoring OT solutions aimed at transforming an organization’s response to threats, and most importantly, builds their capacity to respond to attacks. Through intensive research and development, we built new solutions, and recognized that resilient cybersecurity requires an ecosystem of technologies, partners and solutions. We solved the confidence gap by creating visibility into operations, giving the context needed for insights that enable action.
Siemens’ industrial cybersecurity business helps its customers stay safe by:
· providing visibility into weak spots
· shoring up plant, fleet and corporate defences
· helping prepare for regulatory compliance
· detecting threats in real time and working in tandem to respond
Siemens’ white paper, Visualizing a Cyberattack on the Energy Industry: Developing and Deploying a Utility Playbook for Instant Response, is designed to help electric utilities manage an unfolding crisis using an instant response (IR) playbook to address the rise in cyberattacks targeting the energy industry’s critical infrastructure. Further information on the rise of cyberattacks against the energy industry can be found in a 2019 joint study between Siemens and Ponemon Institute, Caught in the Crosshairs: Are Utilities Keeping Up with the Industrial Cyber Threat?
Protect Critical Infrastructure from Supply Chain Attacks
Utility asset owners trust their vendors to supply valid patches and updates – but that trust can be exploited. If attackers can get counterfeit files into the hands of unwitting technicians, they can bypass traditional security measures and gain access to critical systems. Increasingly, attackers are targeting weaknesses in supply chain security to insert and distribute dangerous software.
aDolus provides a platform called FACT™ (Framework for Analysis and Coordinated Trust) for brokering information about software/firmware for critical infrastructure to help energy companies determine if updates are safe to install. FACT aggregates information from vendors, asset owners, system integrators, consultants, and security researchers to build a “FACT score” of trustworthiness. We drill down into packages to detect hidden sub-components, inspect certificate chains, validate versions and provide an authoritative and exhaustive report on all that is known about any given file.
Like a FICO credit score, FACT makes it quick and easy to make critical installation decisions and ensure governance of security processes.