Attacks/Breaches
1/22/2013
02:51 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

GE Boosts Cybersecurity Protections For Industrial Controls

CAP Software Update, SecurityST Appliance protect industrial controls systems from cybersecurity threats

BOSTON--January 22, 2013--GE's (NYSE: GE) Measurement & Control business has introduced its new CAP Software UpdateTM and SecurityST Appliance TM solutions to more effectively protect existing industrial controls systems from ever-changing cybersecurity threats around the world.

To keep pace with constantly evolving cyber threats, GE's new CAP Software Update will support the efforts of critical infrastructure asset owners to more effectively manage their current digital patch levels and anti-virus/host intrusion detection signatures. The upgrades also enhance system-backup capabilities to help customers maintain the continuity of their operations.

GE's new SecurityST Appliance uses innovative virtualization technology to minimize security lifecycle costs and provide enhanced recovery capabilities. The SecurityST Appliance provides centralized account management, event logging and management, network intrusion detection and update and backup change management.

"Energy producers are facing mounting challenges in securing their industrial controls, and we embrace our responsibility both to help organizations continually improve their security postures and support compliance efforts as they relate to GE equipment," said Terry Knight, general manager- control solutions for GE Measurement & Control, a GE Oil & Gas division.

GE's Measurement & Control business is a leading innovator in sensor-based measurement, inspection, asset condition monitoring, controls and radiation measurement solutions that deliver accuracy, productivity and safety to customers in a wide range of industries, including the oil and gas, power generation, aerospace, transportation and healthcare sectors.

GE's Measurement & Control business' new initiative reflects GE's broader commitment to enhance internal and external cybersecurity for GE's equipment and customers. In 2011, GE opened a new Information Security Technology Center in Virginia that specializes in cybersecurity for GE systems. The center focuses on security management strategies to prevent, detect and fix risks to GE's data, assets and intellectual property. The center also works on a host of key risk management areas such as network design, software architecture and data management. Page 2 of 2 GE January 22, 2013

In 2012, GE unveiled its Industrial Internet initiative to help organizations achieve greater operational efficiency and savings through the use of networks, intelligent sensors and cloud computing technologies. Maintaining a protected IT infrastructure is a vital requirement for the Industrial Internet, underscoring the importance of GE's commitment to cybersecurity.

About GE GE (NYSE: GE) works on things that matter. The best people and the best technologies taking on the toughest challenges. Finding solutions in energy, health and home, transportation and finance. Building, powering, moving and curing the world. Not just imagining. Doing. GE works. For more information, visit the company's website at www.ge.com.

About GE Oil & Gas

GE Oil & Gas is a world leader in advanced technologies and services with 37,000 employees in more than 100 countries supporting customers across the industry--from extraction to transportation to end use. Making the environment, health and safety, quality and integrity our highest priorities is The Way We Work. Our technologies and services include: surface and subsea drilling and production, monitoring and diagnostics, measurement and controls, large-scale LNG, pipeline compression and inspection, well site and industrial power generation, technologies for the refining and petrochemical industries, and modular CNG and LNG units for transportation sectors. Through our customized service solutions, training programs and technologies, GE Oil & Gas partners with customers to maximize their efficiency, productivity and equipment reliability; develop their next generation workforce; and fully benefit from the megatrends of natural gas, the growth of subsea and hard-to-reach reserves and the revolution in asset health management.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-3946
Published: 2014-04-24
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

CVE-2012-5723
Published: 2014-04-24
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

CVE-2013-6738
Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.

CVE-2014-0188
Published: 2014-04-24
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to...

CVE-2014-2391
Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

Best of the Web