Over the past several months, the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) has been working on a cybersecurity project involving asset management to help energy utilities and the oil & gas industry develop an automated solution to better manage their industrial control system (ICS) assets.

As part of our partnership with NCCoE and the industrial cybersecurity community, Dragos provided expertise and tools such as Dragos Platform to help develop this practical guidance that industrial security teams can utilize to implement standards-based security controls.

The NCCoE is a collaborative hub where industry organizations, government agencies, and academic institutions work together to address businesses’ most pressing cybersecurity challenges. The NCCoE has just released draft practice guide NIST Special Publication 1800-23, Energy Sector Asset Management.  

This project explores methods for managing, monitoring, and baselining assets and includes information to help identify threats to these OT assets. Both standards and best practices were used to develop reference designs leveraging commercially available technologies. The guide also maps capabilities to NIST guidance and control families, including the NIST Cybersecurity Framework.

 “Almost everything you do in cybersecurity relies on a foundation of knowing your assets and how they are being managed,” said Jim McCarthy, NCCoE senior security engineer. “This guide provides a practical approach to OT asset management to help energy sector organizations identify the physical and logical assets on their network and detect changes to their inventories.” 

Collaborative Effort

To complete this guide, the NCCoE collaborated with Dragos and other technology vendors, including Forescout, FoxGuard Solutions, KORE Wireless Group, Splunk, TDi Technologies, and Tripwire.*

The Dragos Platform is industrial cybersecurity technology codified by ICS practitioners that passively identifies ICS network assets, pinpoints malicious activity, and provides step-by-step guidance to investigate incidents and respond.

The combination of advanced technologies for asset identification, threat detection and response with the battle-honed insights of the Dragos elite team of ICS cybersecurity experts arms enterprises with the tools needed to identify threats and respond to them before they become significant breaches.

The NCCoE believes the guide helps meet a critical cybersecurity and economic need, but they want to hear from you. Please share your thoughts on this step-by-step guide to enhance it. Download the draft guide and provide your feedback on the NCCoE comment page. The public comment period closes on November 25, 2019.

* While the example implementation uses certain products, NIST and the NCCoE do not endorse these products. The guide presents the characteristics and capabilities of those products, which an organization’s security experts can use to identify similar standards-based products that will fit with their organization’s existing tools and infrastructure.