Energy is the backbone of industrialized civilization, making it a prime target for cyberattacks from organized criminals and nation states alike. Keeping energy and utilities providers safely operational is as much a matter of public safety as it is a business necessity. Complying with the relevant regulations is crucial.
Energy and utilities organizations must comply with ISO 27001:2013, which provides a model for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an information security management system to mitigate risks facing these businesses.
The standard includes a recommendation for analyzing and reporting on log data. Using SNARE Agents, you can capture the ISO 27001-mandated logs and send them in real time to any SIEM for analysis. Meanwhile, the SNARE Central Server provides a centralized collection, analysis, reporting, and archival function for a variety of audit log sources.
SNARE helps you secure your operation and meet compliance requirements by:
- providing user session logs, privileged user access logs and USB auditing
- collecting access management activities to support information security controls
- controlling assets through log collection on all assets
- logging all authentication failures and logins for all locations, and monitoring privileged user access logs
- monitoring logs from routers, switches, and UPS for changes to devices being connected to the network
- improving operational security by collecting all logs from any OS (Windows, Linux, OS, Solaris) along with additional flat file collection from Epilog, file integrity monitoring and UTC clock
- providing customized reporting to review access to sensitive information.