VISION, EXPERIENCE, ANSWERS FOR INDUSTRY
ARC VIEW
JANUARY 11, 2018
A recent ARC briefing with PAS
executives showed that they clearly
understand the challenges of vulnerability
management in industrial facilities.
This understanding is reflected in the
design of their industrial cybersecurity
management solution, Cyber Integrity.
Enabling Continuous Vulnerability
Management for Industrial Control Systems
By Sid Snitkin
Keywords
Industrial Cybersecurity, Maturity Model, PAS Cyber Integrity, ICS Vul-
nerability, Vulnerability Management, Operational Technology (OT)
Summary
Industrial companies have made significant investments in cybersecurity
technologies to protect their plants and industrial control systems (ICS).
But many companies are unable to keep up with the never-ending stream
of new vulnerability alerts from suppliers and
groups like ICS-CERT. This leaves many plants at
risk of serious cyber incidents, jeopardizing safety
and operational reliability.
Industrial companies need to recognize and ad-
dress this serious risk. Managers need to make
sure that plants have programs in place to help
ensure that vulnerabilities are continuously managed. Operations and
compliance managers also need continuous visibility into vulnerability
management efforts across all facilities to help ensure timely and appropri-
ate cyber risk mitigation.
ARC Advisory Group recently discussed continuous ICS vulnerability
management with PAS executives. Vulnerability management of the ICS in
complex, multi-vendor industrial facilities is a key focus of the company's
Cyber Integrity solution
1
.
1
For more capabilities, see PAS Solution Designed to Provide a Foundation for Ef-
fective Cybersecurity Management, June 9, 2016.
