Tempered Networks Issues Call for Improved ICS Security Practices

Ongoing security risks highlighted in 2017 SANS Industrial Control System Security survey threaten enterprise-wide productivity


SEATTLE, WA--(Marketwired - Jul 6, 2017) - Tempered Networks, Inc. today announced the renewed need for secure industrial networks in a time of increasing risk and exposure. As evidenced by the new 2017 SANS State of the Industrial Control System (ICS) Security study, it's more important than ever for organizations to apply intelligent security practices that protect IT and OT assets. Keeping ICS and other OT systems operational is among organizations' highest priorities, according to the research. The survey sheds light on the current security issues faced by ICS practitioners, as well as the areas in which organizations could improve their preparedness.

Challenges Facing ICS Security Today
One of the main challenges facing organizations today is lack of visibility into ICS networks. This was identified as a major impediment to security cited by four in ten ICS practitioners and impacts overall security preparedness. Not surprisingly, given recent events in the news, another key challenge businesses need to prepare for is ransomware, a new top threat listed in this year's survey. Joining ransomware as a threat was the ongoing addition of new devices requiring connectivity to the network, increasing the complexity of implementing effective security practices.

A lack of patching is another area of concern highlighted in the study. Despite the obvious security benefits, only 46 percent of those surveyed apply security patches from vendors on a regular basis. Even more surprisingly, 12 percent do not apply patches or utilize a multi-layered security approach to protect control systems.

Best Practices for Securing ICS Systems
The survey findings indicate the need for businesses to improve their ability to secure industrial control systems. Tempered Networks recommends two key practices to safeguard organizations' critical ICS and SCADA (Supervisory Control and Data Acquisition) systems.

Rethink Identity
In traditional networking, IP addresses are used to both identify and locate devices. In order to ensure only trusted devices are granted network access, Tempered Networks recommends adopting an identity-first approach that assigns provable cryptographic identities to trusted ICS, SCADA systems, and associated machines. Trust is limited to specified whitelisted devices and machines to prevent unauthorized access.

Simplify Security and Networking
Reducing network complexity and the need for manual provisioning creates fewer points of weakness for malicious actors to exploit. Tempered Networks recommends centralized, automated orchestration to integrate trusted devices into the ICS network, based on cryptographic identities. Policy-based orchestration not only ensures security and simplicity, but also provides enterprise-class scalability.

"Our fourth annual inquiry of personnel tasked with ICS security finds that 44 percent consider the top threat vector to their ICS is adding devices that can't protect themselves to the network, reflecting the convergence of OT and IT," said Doug Wylie, Director of the Industrials & Infrastructure Practice Area at SANS Institute. "With ransomware identified as a top threat vector, we think ICS security practitioners continue to face many threats, while budgets are not increasing to match the threat."

"With every passing month, we witness more cybercrime and successful breaches across all kinds of organizations, commercial and government. It's a common practice for hackers to leverage vulnerable ICS systems as easy pivot points to access the broader enterprise network," said Erik Giesa, VP of Products at Tempered Networks. "The results of the SANS survey reveal that nearly 69 percent of ICS security practitioners say that threat levels to their ICS systems are high or severe and critical. The only reasonable solution is to take proactive measures to protect critical assets before such attacks happen. It's time to utilize modern technologies that unify connectivity with security to ensure operational integrity and availability of vulnerable ICS systems and aging infrastructure."

Learn More
SANS and industry experts will share results of the survey on Wednesday, July 12 at 10:00 p.m. PDT. Register to attend the webcasts at www.sans.org/u/tGz. Webcast attendees receive early access to the associated whitepaper, which will be posted and available at www.sans.org/reading-room/whitepapers/analyst after the live webcasts.

About Tempered Networks
Tempered Networks is the pioneer of Identity-Defined Networking (IDN), driving a new identity paradigm that basis trust on the host identity itself, not a spoofable IP address. Our IDN architecture unifies networking and security to overcome today's complex and inherently vulnerable networks. We provide the industry's most extensible networking overlay fabric, with automated policy-based orchestration, making it simple to instantly connect or disconnect any IP resource with another, located anywhere in the world -- on-premises, virtual or cloud. With IDN, local and wide-area micro-segmentation is now achievable and simple. It leverages your existing infrastructure, while eliminating future expenses on unecessary point networking and security products. For more information, visit www.temperednetworks.com.

You can also follow us @TemperedNW on Twitter or visit us on LinkedIn for more information about Tempered Networks and our technology.

Forward-looking statements. Certain statements contained in this press release may constitute forward-looking statements. Such statements include, for example, statements regarding the Company's or management's beliefs, expectations, estimations, plans, projections and similar statements. Any such forward-looking statements involve risks, uncertainties and other factors that may cause the Company's actual results and performance, or industry results to be materially different from any results or performance expressed or implied by such forward-looking statements. These forward-looking statements speak only as of the date of this press release and there can be no assurance that the results and events contemplated by such forward-looking statements will, in fact, occur. The Company expressly disclaims any obligation or undertaking to release any updates or revisions to any forward-looking statement contained herein.