At the 2018 Ovation Users’ Group Conference, Emerson’s Jose Pablo Bonilla and Levi Crosier described the different components of the Power and Water Cybersecurity Suite (PWCS). This presentation included providing users with guidance for configuring their systems, identifying custom reports & dashboards along with establishing a cadence for performing routine security tasks effectively & efficiently. Their focus included:
- Use of PWCS Dashboard for reporting purposes
- Antivirus (reporting, definition updates)
- Application control (define whitelist)
- Configuration management (AD details)
- Device control (disabling USB/DVD drives)
- Patch management (accessing & installing appropriate patches/feature packs)
- System Backup & Recovery (best practices, use of tools)
Levi opened highlighting the modularity of PWCS:
Depending on the application, different modules are used to provide the cyber risk reduction required.
McAfee ePO helps manage multiple security features on Windows-based devices including antivirus, whitelisting, approved USB devices, rogue device monitoring, antivirus and patch updates, and automation of this management process.
From an anti-virus protection perspective, the McAfee Endpoint Security Platform and McAfee Endpoint Security Threat Prevention provide daily antivirus definition update, quick scans and periodic full scans.
Security Incident & Event Management (SIEM) aggregates log files and performs event correlations. These data sources can be reviewed and alerts and reports generated based on the events and correlations found.
The System Backup and Recovery module maintains current backups and provides restoration function in the event of a problem. Other modules perform Vulnerability Assessments and provide report and remediation tips to address these vulnerabilities. Another module provides network management and the status of network devices including switches, routers, advanced security appliances (ASAs), etc.
The Network Intrusion Detection (NID) module monitors packets inbound and outbound from the network and packets going through specific points in the network.
Jose concluded the presentation reiterating how PWCS can help with both corporate and federal compliance standards regarding antivirus protection and removable USB devices. Maintenance activities include database maintenance and system backups. Automation for definition deployment and report generation & delivery built into the modules can reduce time and efforts to maintain protection levels and compliance to requirements.
You can learn more these ICS cybersecurity protections in the Power and Water Cybersecurity Suite section of Emerson.com.