With threats propagating further into industrial control systems, maintaining situational awareness across enterprise, ICS and SCADA networks is paramount. This requires the collection and normalization of logs and events across IT and OT systems into a common taxonomy, so that critical infrastructure operators can effectively monitor industrial networks and detect threats and anomalies that span multiple enclaves. In his session, titled “Obtaining Situational Awareness Across Isolated Systems,” Knapp will explore the best practices in data collection, normalization and correlation in order to strengthen security and achieve true situational awareness in industrial networks.
NitroSecurity is the leader in security information and event management within industrial control systems, and has pioneered multiple advancements in ICS and SCADA security monitoring. This latest research, which involves the integration of operational and process management data into security information management systems, aims to improve the detection of new and more sophisticated “Stuxnet-class”
NitroSecurity develops high-performance security information and event management (SIEM) solutions that protect critical information and infrastructure. NitroSecurity solutions reduce risk exposure and increase network and information availability by removing the scalability and performance limitations of security information management. Utilizing the industry’s fastest analytical tools, NitroSecurity identifies, correlates and remediates threats in minutes instead of hours, allowing organizations to quickly mitigate risks to their information and infrastructure. NitroSecurity serves more than 500 organizations in the energy, healthcare, education, financial services, government, retail, hospitality and managed services industries. For more information, please visit http://www.nitrosecurity.com.