industry
UNLOCKED might be relevant to a specific asset ,” adds James Cartwright , C & I Engineer . “ It wasn ’ t unusual for us to spend several hours investigating the issue only to discover that we didn ’ t even have the equipment in question .”
Keeping the front office informed about the OT vulnerabilities , and remediation statuses and overall cyber-risk is also paramount , but it wasn ’ t always easy to deliver in a way that was both timely and user friendly in the past .
“ We struggled to safely and securely move data from the OT environment and display it to corporate IT users in a way that makes sense ,” said Cartwright .
To overcome these challenges and bolster its cyberresilience , West Burton wanted to check several important boxes , including :
• Visibility of OT assets on the OT network without impacting uptime and availability
• A centralised asset inventory to move away from a time-consuming manual process , without disrupting the operation of modern and legacy systems
• Ability to demonstrate compliance to regulators with confidence
• Clear remediation and mitigation strategies to adhere to the company ’ s acceptable level of risk
• Using the most up-to-date OT vulnerability database to reduce false positives
That ’ s when Keyworth and the team set out to find a new solution to secure its OT environment and ensure leadership had a complete understanding of the plant ’ s complexity and associated risks .
Tenable OT Security – purpose built to safeguard converged IT / OT industrial environments without disrupting productivity
Tenable OT Security lets organisations prioritise action and enables their IT and OT security teams to work better together .
Plant team manages remediations and delivers actionable data to front office
Tenable OT Security was initially deployed in 2022 , providing Keyworth and Cartwright with complete visibility and control over the West Burton B ’ s operations , which includes countless assets which may or may not be supported by the many OEMs charged with maintaining the plant ’ s equipment .
“ We use Tenable OT Security to identify vulnerabilities and maintain a complete asset list , sometimes surfacing issues that our OEMs either don ’ t know exist or no longer support ,” said Keyworth . “ Then as part of our workflow we import everything into Tenable Security Center for scoring , prioritisation and to track how we are reducing vulnerabilities asset by asset as we remediate .”
When facing a situation where a vulnerability simply can ’ t be remediated , such as on a piece of legacy OT equipment that is no longer supported , the team uses Tenable to assess the acceptable level of risk . The team can then implement measures to prevent access to those systems and keep leadership informed .
“ With Tenable OT Security , the data is visible on the wall ,” said Cartwright . “ Vulnerabilities are fed into an
Using Tenable OT Security we can identify vulnerabilities early in the process .
Tenable OT Security brings visibility , security and control to industrial environments , critical infrastructure and more , helping organisations maintain productivity , meet compliance requirements and stay safe from cyberattacks .
Using a patented hybrid discovery approach to safely gain visibility into devices and cyber-physical systems without causing disruption , Tenable OT Security delivers a complete asset inventory along with deep situational awareness across all global sites , all in a single interface .
WWW . INTELLIGENTCISO . COM 53