Asset registers are an extremely important part of cyber security in ICS/OT environments, not just required for operations and maintenance.
Unfortunately, they can be overlooked as they are not considered quite as interesting or as “sexy” as other aspects of cyber security. Having a complete, accurate inventory is essential. As the old saying goes - “How can we protect what we don’t know we have?”
And as the same time, I think about the same from a slightly different perspective. Vulnerability management in ICS/OT is built off of the asset register which allow us to understand what we have in the environment and map the various hardware, software and firmware to potential vulnerabilities.
Not only that but having a sound asset inventory allows us to identify new hardware and software that are connected to the environment, whether authorized or not.
-
What happens if a maintenance technician connects a new field device?
-
What if a PLC programmer connects a new EWS to the network?
-
What happens if a bored team member in the control room connects an Xbox to the network?
-
What if an attacker connects a device and is either able to gain an IP address through DHCP or manually assign themselves one?
We have to understand what exists today before we can understand what could suddenly be new.
You must log in or register to comment.