Now on Demand: Threat Detection and Incident Response (TDIR) Summit - All Sessions Available
Connect with us

Hi, what are you looking for?



The Role of Asset Management in ICS Network

Most industrial Control Systems (ICS) were designed and implemented decades ago. Therefore they lack basic asset discovery and management capabilities common in IT networks.

Most industrial Control Systems (ICS) were designed and implemented decades ago. Therefore they lack basic asset discovery and management capabilities common in IT networks.

Process industries have traditionally struggled to maintain an accurate asset inventory. According to a survey of 185 process industry professionals performed by TechValidate for Intergraph, 61% of owner-operators “lack complete confidence in their ability to find information needed to support response to an emergency.” More than half spend 20-80% of their time just finding and validating plant information, including conducting walk-downs. 

With the growing risk of cyber threats, many process industry organizations are looking to secure their ICS networks. However, without fully understanding the assets in scope, it is impossible to do a risk assessment and apply effective defenses.

Why ICS Networks Lack Asset Management

Unlike the highly evolved world of IT networks, where automated discovery solutions and very sophisticated asset management practices are a given, industrial networks often rely on a patchwork of manual processes, notes and spreadsheets. Many plants have been storing facility information across various disjointed engineering information systems and struggle to gain a full picture of their assets. As older operational professionals leave the workforce, it is becoming even more difficult to track changes to these assets over time.

What’s Needed to Implement Asset Management in ICS Networks

ICS network asset management is typically deficient in three key areas — discovery, maintaining an accurate up-to-date asset inventory and tracking changes to assets over time.

Automated asset discovery is key to securing these networks. Identifying new assets that have been deployed, or retired assets that have been decommissioned, provides the visibility needed to protect them and helps prioritize security efforts. Since the deployment of these networks is always accompanied by documented changes to the original design, it is impossible to rely on the blueprints.

A typical ICS network contains controllers (PLCs, RTUs, DCSs) from a mix of vendors such as GE, Rockwell Automation, Siemens and Schneider Electric. Each of these technologies comes with a different set of requirements and challenges. It’s difficult to plan maintenance projects and design effective protections without knowing what type of assets are in scope. A comprehensive asset inventory, that includes information about the manufacturer, current firmware version, latest patches and current configuration, enables better ongoing management of these devices. It can also support backup and recovery in case there is a need to restore devices. 

Advertisement. Scroll to continue reading.

Meanwhile, inventory management is usually performed using manual processes for tracking changes, which are often inaccurate and error prone. With continuous changes being made to these networks over time, the only way to ensure a complete and accurate asset inventory is to implement an automated and continuous discovery process. This also ensures new assets are identified as they appear on the network, and helps track and validate that assets were properly deployed or retired.


Automated asset discovery and management is the first step for ensuring operational continuity, reliability and safety. Without it, it’s impossible to know what devices exist, when and what changes are made to them, and how to restore them to a “known-good” state. It also plays a key role in planning maintenance projects, deploying defense mechanisms, and carrying out effective incident response and mitigation efforts. 

Related: Learn More at SecurityWeek’s ICS Cyber Security Conference

Written By

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.


SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.


People on the Move

Wendy Zheng named as CFO and Joe Diamond as CMO at cyber asset management firm Axonius.

Intelligent document processing company ABBYY has hired Clayton C. Peddy as CISO.

Digital executive protection services provider BlackCloak has appointed Ryan Black as CISO.

More People On The Move

Expert Insights