One of the findings of the recent SANS report “Securing Industrial Control Systems – 2017” is that the number one technology industrial organizations are looking to implement over the next 18 months is intrusion detection.
Up until recently, detecting anomalies on ICS networks that might be caused by a cyberattack has been ”mission impossible.” That’s because such networks typically include equipment from a wide assortment of vendors, run thousands of real-time processes and generate huge volumes of data. Analyzing and monitoring this data to detect anomalies was very difficult.
The good news is that a new generation of ICS cybersecurity tool is available for industrial intrusion detection. This article describes how our product, SCADAguardian does it, and gives an example of how it would detect and counter a cyberattack on a regional control center of an electric power utility.