Small product announcement couldn't be more timely I spoke with SIEM vendor NitroSecurity yesterday to hear about what would normally be a low visibility announcement. NitroSecurity announced that it will support OSIsoft’s PI system, a data historian program for industrial control systems. With this integration, NitroSecurity’s SIEM platform (NitroView)can log, analyze, and correlate security events across IP and serial-connected industrial control devices. If this news came 6 months ago, I would have listened politely, hung up the phone, and then quickly forgotten everything I heard. Stuxnet changed all this. Stuxnet provides a real-world example of malware specifically intended to infect, propagate, and potentially disrupt a control network. Some analyst believe that this has already happened — Stuxnet may have caused damages leading to a delay in the launch of Iran’s nuclear power plant at Bushehr. Historically, industrial control systems like Programmable Logic Controllers (PLCs) reported their activity up to a database like OSIsoft which stored the data for basic business analysis. So what’s missing? Security smarts. There was no analysis or correlation going on to figure out whether control systems were behaving as they should or whether the data they provided was the least bit accurate. When a PLC says a closed pressure valve is actually open, it is a recipe for disaster. Integrating NitroView and OSIsoft adds security smarts to data collection. Remember Jack Lemmon tapping the gauge in the movie, “The China Syndrome,” and declaring, “hmm, that’s odd.” That’s what NitroSecurity does.Basically, NitroSecurity and OSIsoft are addressing a problem in real-time which is good news. The bad news is that I don’t believe that security regulations like NERC CIP apply to control networks (Note: I urge readers to send comments to support or refute this statement). Hopefully this gets rectified soon.The NitroSecurity/OSIsoft announcement also highlights that network security requirements can vary widely by industry and that some unique industry requirements may overlap with the U.S. critical infrastructure. Let’s hope Washington is taking notice here and that other security vendors follow NitroSecurity’s lead. Related content analysis 5 things security pros want from XDR platforms New research shows that while extended detection and response (XDR) remains a nebulous topic, security pros know what they want from an XDR platform. By Jon Oltsik Jul 07, 2022 3 mins Intrusion Detection Software Incident Response opinion Bye-bye best-of-breed? ESG research finds that organizations are increasingly integrating security technologies and purchasing multi-product security platforms, changing the industry in the process. By Jon Oltsik Jun 14, 2022 4 mins Security Software opinion SOC modernization: 8 key considerations Organizations need SOC transformation for security efficacy and operational efficiency. Technology vendors should come to this year’s RSA Conference with clear messages and plans, not industry hyperbole. By Jon Oltsik Apr 27, 2022 6 mins RSA Conference Security Operations Center opinion 5 ways to improve security hygiene and posture management Security professionals suggest continuous controls validation, process automation, and integrating security and IT technologies. By Jon Oltsik Apr 05, 2022 4 mins Security Practices Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe