CHECKLIST
Checklist: Critical Information Infrastructure
ICS Cyber Security Considerations
CRITERIA COMMENTS
You should consider
1 Automated Asset Discovery and Management
Discovers level 2 control devices: operator stations, engineering workstations, and servers (Windows/Linux-based)
Indegy if….
Discovers level 1 control devices: PLCs, RTUs, DCS controllers
Discovers level 0 devices (I/Os)
Your ICS needs
Discovers non-communicating assets
protection from cyber
Provides detailed information onasset type, specific models, OS and firmware versions, and more (for level 1 & level 2) attacks, malicious
Provides interactive asset map displaying assets, communication patterns, protocols used, and conversations insiders, and human error
2 Continuous Network Activity Monitoring, Anomaly, and Threat Detection
Detects threats and anomalies by monitoring device communications and protocols (both external and internal)
Out of the box security policies for threat and anomaly detection You are looking to reduce
User-friendly granular policy customization engine for threat and anomaly detection costs associated with
OT data-plane protocols coverage operational disruptions
OT control-plane engineering protocols coverage
3 Controller Integrity Validation
Identifies changes to controllers made over the network, including configuration changes, code changes, and firmware
You need a solution
downloads
that has zero impact on
Identifies changes made to controllers by physically connecting to the devices (via serial cable or USB device)
operations
4 Vulnerability Assessment and Risk Management
Risk score by device
Vulnerability assessment for all control devices
You are looking to secure
5 Incident Detection and Response
a regional, national, or
Real-time alerts on suspicious activities and threats detected in ICS networks distributed organization
Full audit trail of ICS activities
Historical controller information to support backup and recovery
6 Architecture and Enterprise Readiness
Both HW and SW-only implementations are available You want a solution that
is easy to deploy and
Quick deployment, no training required
manage
Centralized solution management, data aggregation, alerts, and reporting
Out of the box integration: Active Directory, SIEM, Syslog, REST API, data exports
© 2019 Indegy, Inc. All rights reserved. Indegy is a registered trademark of Indegy, Inc. All other brands, products, or service names are or may be trade-marks or service marks of their respective owners. Indegy.com
