OT SIEM

Goal

  • Design and implement a Security Information and Event Management (SIEM) system tailored to OT/ICS cyber threats and to the technical capabilities of the environment.
  • Provide the Security / SOC team with a central, state-of-the-art solution for real-time security event detection and response.

OT SIEM Implementation Steps

Key Challenges

  • Numerous security systems (e.g. AV, WSUS, FW, etc.) that must be continuously monitored by limited human resources
  • Huge amount of security data without automatic data correlation
  • Diverse nature of security data from OT components

Architecture Design

A proper solution architecture has to provide efficient, reliable and secure data acquisition from numerous and varied data sources in a cost-effective manner. The SIEM solution should use logs from OT systems and components deployed in a segmented IT/OT network. This can be achieved in several ways depending on the Client's environment. Additionally, the solution architecture has to be tailored to the Client's environment to provide a good benefit-cost ratio in terms of security.

Data parsing, correlation and presentation

  • To fully use the power of a SIEM, the collected data has to be parsed and correlated properly, which poses a challenge in industrial networks (there is no single standard for logs). The extracted data also has to be presented to the system's operators in an effective and clear way.
  • The ultimate goal of the implementation phase is to achieve minimal false-positive security events from the system, which can be done through proper tuning and the use of input from industrial systems SMEs.

Value for the Client

  • Significant increase in the cybersecurity of OT systems, aligned with security best practices and standards.
  • Efficient tool for the SOC team for immediate detection of cyber threats, based on deployed security systems and OT components (servers, applications, PLCs, network devices, etc.).
