Forescout Delivers Industry’s First Impact-Based Security Risk Assessment Tool for Industrial Control System and Operational Technology Networks

SilentDefense mitigates risks against increased ICS security threats with new performance analytics and compliance standards for large enterprises

Forescout Technologies, Inc., the leader in device visibility and control, today announced new innovation to its industrial control system security solution SilentDefense that will help organizations aggregate and prioritize risks targeting OT and IoT devices. The new Asset Risk Framework will provide users with intuitive, impact-based scores in a central dashboard so they can determine their current security risk exposure, identify assets that have a high potential of being attacked and enable engineers to take action on the assets that need attention.

Network security monitoring tools create large amounts of information which can be very challenging for cybersecurity and operational stakeholders to review. By aggregating and prioritizing operational and cyber security-based risk, real time decisions can be made quickly saving money and reducing probable issues to the networks.   

“The convergence of IT and OT networks and threats posed by the adoption of IIoT devices and services in the cloud has left enterprises more vulnerable than ever before,” said Damiano Bolzoni, vice president of OT and industrial business, Forescout. “It is essential that organizations have access to real time data and visibility of its entire network so they can quickly understand their risk exposure and take preventative measures to mediate against the threats.”

This automated and intuitive approach to network security and operational monitoring will enable customers to deploy an advanced and holistic OT/ICS cybersecurity solution to address the increased threats. Forescout’s latest release of SilentDefense, available in October, will also offer newly expanded capabilities to provide a predictable and preventative form of risk analysis to lessen the exposure organizations face:

• Active PLC Queries: Seamless process for cyber security analysts to create alert parameters so they can quickly set up custom compliance and monitoring directives so that no PLC/Controller can go unseen.
   
• Enhanced Compliance Reporting: Critical infrastructure managed by utility and energy organizations have compliance obligations when securing its networks. Forescout has now automated the compliance and reporting process for North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) compliance.  
   
• FIPS Compliant: All government and federal organizations have to ensure they are Federal Information Processing Standards (FIPS) compliant. SilentDefense now includes tools and functions to allow these organizations to easily adhere to the security requirements of OT and ICS Networks of FIPS for implementing crypto algorithms, encryption schemes, handling important data, and working with various operating systems and hardware.

Source: Forescout Technologies media announcement