What is OT/ICS system hardening?
System hardening is the process of resolving risks and vulnerabilities on assets and networks to ensure secure and reliable cyber-physical operations.
Key elements of ICS/OT system hardening include:
- Patching of software and firmware
- Secure configuration
- User and account access limitation
- Ensuring network connectivity security
- Removal of unnecessary software
- Ensuring proper backups
Elements of Verve’s OT System Hardening
Hardening OT systems requires an integrated set of actions to address some risks directly and develop compensating controls for others
OT/ICS network hardening is critical for security for several reasons:
- Many devices were not built with security in mind so need protective elements surrounding them
- Immediate patching is often challenging, requiring compensating controls to enable security
- Over time, systems that were originally secure become less secure as changes are made
- Often organizations deploy devices with IT-standard software which is not necessary, and potential creates risks, for OT/ICS networks
- In many cases, these devices are not connected to ActiveDirectory and lack standardized policies required for security
Executing operationally-safe remediation requires deep knowledge of industrial control systems and the processes they manage. Many policies and settings that would work well in IT create operational reliability issues in OT/ICS. Therefore, it is critical that the people conducting this work are experienced and trained in the complexities of control systems.
Verve’s deep experience across all OEM equipment and different industries enables us to harden systems and servers while maintaining reliability. Documentation cannot provide all of the potential implications of setting configuration settings in a certain way or why certain service accounts exist. It is only with experience and the learnings gained by years of working with these systems that you come to understand what is and is not feasible.
We partner with our clients to accelerate their ICS cyber security maturity by using vulnerability assessment outputs to rapidly shift and harden their control systems to jump start the security of their most critical assets.
Our Customer Success
"The big advantage to working with Verve is that one team can manage remediation across all the CIS controls - patching, configuration, backups, whitelisting, network segmentation, etc. We don’t have to manage multiple teams and try to integrate ourselves."
Director Cyber Security, Leading US Power Utility
System Hardening Customer Success
A leading US power generation organization needed to achieve fleet-wide compliance with all CIS controls within six months. See how the Verve Security Center delivered full compliance on time and on budget for visibility and automation.