Are you weighing your options between integrity management solutions? Evaluating, purchasing, and deploying new software is hard work, especially when you get down to the granular details of understanding which solutions have which capabilities and matching those capabilities to your organization’s particular needs. In an industry buzzing with ever-changing terminology and a profusion of vendors...

Fortra’s Tripwire NERC CIP Solution Suite is an advanced offering that augments Tripwire’s tools for meeting 23 of NERC CIP’s 44 requirements. The Tripwire NERC CIP Solution Suite allows you to achieve and maintain NERC CIP compliance with high efficacy and reduced effort. This suite includes continuous monitoring of cyber assets, automated assessment of security, and audit-ready evidence with...

The North American Electric Reliability Corporation (NERC) maintains comprehensive reliability standards that define requirements for planning and operating the bulk electric system (BES). Among these are the Critical Infrastructure Protection (CIP) Cyber Security Standards, which specify a minimum set of controls and processes for power generation and transmission companies to follow to ensure...

Get Safe and Compliant Keeping your organization safe and compliant is challenging and complex. Security is more effective when you have documented baselines for a system’s configuration, usually in the form of a security policy. These policies specify recommended or required system configurations, including applications, ports, services, and security basics. But ask yourself: How can I validate...

However, gaining this caliber of visibility can be challenging for many reasons, including: Standard IT solutions and scanning methods are typically incompatible with and unsafe for industrial networks » Traditional industrial asset inventory solutions often require hardware that can be costly, complex, and time consuming to deploy Many industrial networks are geographically isolated and/or air...

Industrial automation and process control systems largely run our world. However, cyber risks to industrial networks, endpoints and control systems are on the rise and protecting highly specialized plant environments can be very challenging for industrial businesses and critical infrastructure. Cyber threats have been shown to come from simple employee or contractor error, malicious insiders or...

How are you protecting your industrial assets from cyber threats? Industrial control system (ICS) environments pose unique security challenges that can quickly drain your resources if you’re faced with time consuming manual asset inventory and a lack of cohesion between your organization’s IT and OT strategies. Many security solutions can disrupt ICS or SCADA equipment as well, meaning you need a...

The cybersecurity skills gap can leave many organizations without adequate staffing for the operation of their security tools. High turnover rates can also cause an organization to lose essential knowledge when team members leave who were familiar with the tools. To complicate matters further, the pandemic is driving the need for temporary cybersecurity support as agencies navigate new, remote...

The cybersecurity skills gap leaves Federal agencies without adequate staffing for the operation of their security tools. High turnover rates can also cause agencies to lose essential knowledge when team members leave who were familiar with the tools. To complicate matters further, the pandemic is driving the need for temporary cybersecurity support as agencies navigate new, remote work...

More attention is being paid to risks around the supply chain in the bulk electricity system (BES). When third-party vendors introduce new products, software and personnel into a power supplier’s environment, the potential for new cyber risks increases. For this reason, the North American Electric Reliability Corporation ( NERC ) recently added a new set of requirements to its Critical...

Some of our nation’s most critical physical infrastructure is represented by the national Bulk Electric Systems (BES). Today’s digital world relies upon this interconnected network of power generation and transmission systems more than ever. To ensure the reliability and resilience of that network, providers must continually manage threats to the infrastructure, including many that relate to...

Industrial operators subject to the North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) standard know that achieving compliance is no minor feat, and serious strategic consideration is required to ensure efficient resource use in the compliance process. By meeting NERC CIP compliance, these companies take important steps towards securing their IT/OT...

The NERC Critical Infrastructure Protection standards are designed to enhance reliability of the electrical supply by securing the connected assets on which that supply relies. When building a program for NERC CIP compliance, registered entities must balance the need to be audit ready with the resources required to achieve and maintain compliance. NERC CIP version 6 increases the amount of work...

The NERC Critical Infrastructure Protection standards are designed to enhance the reliability of the electrical supply by securing the connected assets on which that supply relies. When building a program for NERC CIP compliance, registered entities must balance the need to be audit-ready with the resources required to achieve and maintain compliance. NERC CIP compliance, especially when...

SigmaFlow is the industry leading solution for orchestrating NERC CIP compliance to achieve an ongoing state of Audit Readiness. Tripwire, Inc. is a leading global provider of advanced threat, security and compliance management solutions. Integrating these solutions offers an automated way to drastically reduce the time and resources required to manage NERC compliance and collect comprehensive...

An Extremely Brief History of ICS Security Industrial control systems (ICS) proliferated before cybersecurity became the mission-critical concern it is today. The shift to new network technologies improves data collection, efficiency and time-to-market, but it also produces new cybersecurity risks: Many ICS are purpose-built and proprietary, making them out of sync with modern cybersecurity...

North American electric utility companies constantly balance the need to be audit-ready for NERC CIP compliance against their top priority: ensuring the reliability of the bulk electric system. NERC CIP compliance, especially when approached using manual methods, is complex, time-consuming, and prone to human error. Further, NERC CIP requirements often infer security skill sets beyond those of...

The multiport EAGLE40 next generation firewalls offer a comprehensive cybersecurity solution to maximize uptime in today’s stringent automated environments. Ensure heightened performance capabilities with more port options, each at one gigabit per second (Gbit/s) bandwidth Protect against physical and virtual threats with ruggedized housing and Stateful and Deep Packet Inspection (SPI/DPI) modules...

With notable industrial cyber events on the rise, the 2020s are shaping up to be a challenging time for operational technology (OT) operators concerned with the safety, security, and compliance of their operational technology networks. To protect their OT environments, everyone from plant managers to CISOs is facing increased pressure to deploy effective cybersecurity solutions. However...