Foxguard | LinkedIn (original) (raw)

Computer and Network Security

Christiansburg, Virginia 14,674 followers

CYBER SECURITY | INDUSTRIAL COMPUTING | COMPLIANCE

• Discover all 110 employees

About us

Founded in 1981, Foxguard delivers innovative products and services that optimize and protect Operational Technology (OT) and Informational Technology (IT) within critical infrastructure markets. In partnership with the US Department of Energy (US DoE) and asset owners across multiple critical infrastructure sectors, Foxguard developed their Patch and Update Management Program (PUMP) to address vulnerability and risk management challenges within these environments. Following the successful launch of PUMP, Foxguard partnered with the US Department of Defense (US DoD) and additional asset owners to develop the Sentrigard suite of products. Foxguard offers programmatic assessment and program development to support a variety of standards and frameworks such as NERC CIP, NEI 08-09, NIST CSF, TS 50701, TSA (SD) 1580-21-01, SD 1582-21-01, API 1164, US DoD CMMC regulatory requirements within OT and IT environments. In addition, Foxguard’s industrial computing division provides the capability to develop turnkey computer solutions for use within these environments. We are your one source. Products are built in our secure, ISO certified facility and can be shipped worldwide. We are an ISO 9001 & ISO 27001 certified company. Industries: Energy, Oil & Gas, Nuclear, Manufacturing, Transportation, Building Automation, Federal Government / DoD, Independent Software Vendors, Simulation & Training, Marine Foxguard is a wholly owned subsidiary of Framatome, an international leader in nuclear energy.

Industry

Computer and Network Security

Company size

51-200 employees

Headquarters

Christiansburg, Virginia

Type

Privately Held

Founded

1981

Specialties

Cyber Security, Patch Management, Industrial Computing Solutions, NERC CIP compliance, Custom Engineered Computers, Integration Services, CMMC, NEI 08-09, NIST CSF, TS 50701, Cybersecurity Operational Technology, Vulnerability Management , Risk Assessment, Asset Identification, Asset Baselining, and Simulation

Locations

Employees at Foxguard

Updates

• Why Operational Technology (OT) Security is Crucial for the Future of Industry Operational Technology (OT) security is no longer an emerging issue. We’ve moved past the early days when it was seen as a niche concern—now, it’s a critical priority for industries worldwide. According to recent findings highlighted by CSO Online -> https://lnkd.in/dTwjxmN8, awareness around OT cybersecurity is rapidly growing. With 76% of organizations reporting cyberattacks on their OT environments in the past year and 72% of those attacks originating in IT environments, it’s evident that threats to critical infrastructure are escalating in both frequency and impact. Why is this happening? The convergence of IT and OT environments, combined with the push for digital transformation, is exposing once-isolated systems to new vulnerabilities. Attackers recognize the lucrative potential of targeting OT assets, and incidents are rising in sectors like energy, manufacturing, and transportation. 🔍 The Key Challenges in OT Security Visibility Gaps: Many organizations are struggling to gain full visibility into their OT environments, making it difficult to detect threats in real-time. Legacy Systems: Aging infrastructure lacks modern security features, leaving gaps that attackers can exploit. Regulatory Pressure: Compliance requirements, like NERC CIP, are increasingly stringent, putting added pressure on critical infrastructure operators. 🛡️ Foxguard’s Approach to OT Cybersecurity At Foxguard, our solutions are specifically designed to target these unique challenges directly: Comprehensive Asset Management: Gain visibility into your entire OT environment with our tailored asset monitoring solutions, bridging the visibility gap. Patching and Vulnerability Management: We deliver strategic patching plans, ensuring current and legacy systems are protected without disrupting operations. Compliance Support: Foxguard helps you stay ahead of regulatory requirements, offering tools and expertise to simplify NERC CIP compliance and streamline your security efforts. The risks to your infrastructure have never been greater, making robust OT security not just optional but essential. Fortunately, the opportunity to strengthen cybersecurity and reduce risk in your organization has never been more accessible. By partnering with Foxguard, you gain access to industry-leading solutions designed to safeguard your critical systems against today’s evolving threats. Let’s secure your OT environment together. Connect with us today to learn more about how we can support your cybersecurity strategy. Contact us now to reach our sales team! https://lnkd.in/e4BQWxSK
  
• Greetings from #InCyberForumCanada in Montreal! The Foxguard team is on-site at Booth #507, engaging with attendees on the latest strategies and solutions in OT cybersecurity. Patching OT assets is no easy task, and more visibility into effective solutions benefits everyone in the industry. There’s just enough time to catch our session, "Building a Secure Foundation in OT: Essential Patching and Vulnerability Management Practices," where JF (Jay) Gignac and Laurent Duquesne will dive into strategic patching and our Vulnerability Operation Center (VoC) approach. Join us at 3:05 PM today on the Operational Technologies Stage! Stop by our booth afterward to learn more and explore how we can support your OT security goals.#Cybersecurity #OTSecurity #InCyberForum #OTCyber #VulnerabilityManagement
  
• Foxguard will be exhibiting at FIC North America in Montreal, October 29-30! Join us at Booth #507 and connect with our experts to explore the latest in OT cybersecurity. Catch JF (Jay) Gignac, Global Head of Sales, Alliances & Marketing and Laurent Duquesne, Product Strategy & Operations Director, as they present "Building a Secure Foundation in OT: Essential Patching and Vulnerability Management Practices" on Tuesday, Oct. 29, 3:05 PM - 3:20 PM, Operational Technologies Stage. We’ll cover: - Tackling unpatched vulnerabilities - Strategic patching to reduce your attack surface - How Vulnerability Operation Centers (VoC) help you maintain a secure environment Stop by our booth to learn more about our solutions and secure your OT landscape against evolving threats! Want to set up a meeting with us? Click here: Contact us now to reach our sales team! https://lnkd.in/e4BQWxSK #Cybersecurity #OTSecurity #VulnerabilityManagement #InCyberForum
  
• According to SecurityWeek: (https://lnkd.in/eZVgfxT3) “Iranian hackers, particularly the group CyberAv3ngers linked to Iran's IRGC, used OpenAI’s ChatGPT to assist in planning cyberattacks on industrial control systems (ICS). These attacks targeted water utilities in the US and Ireland. The hackers used AI for reconnaissance, vulnerability exploitation, and post-compromise actions, though OpenAI confirmed that no novel capabilities were provided by ChatGPT—only incremental, widely available tools were used. Other groups also attempted to use ChatGPT for malware development and reconnaissance.” Foreign state actors are increasingly leveraging AI to better understand and exploit U.S. ICS in several ways: - Automated Reconnaissance: AI-driven tools can rapidly scan networks for ICS asset connections, allowing attackers to pinpoint weaknesses more efficiently. - ICS-Specific Exploits: AI models are optimizing attack strategies, predicting the most effective ways to exploit ICS without requiring deep technical expertise. - Accelerated Malware Development: AI is speeding up the creation of ICS-targeted malware, enabling adversaries to deploy more sophisticated attacks at a faster pace. These advancements allow attackers to exploit ICS and critical infrastructure assets with increased precision and scale. HOWEVER, Critical infrastructure operators can take action to safeguard their ICS assets against AI-driven threats: - Network Segmentation: Isolate ICS networks from IT systems and external internet connections to reduce the potential attack surface. - Regular Patching: Ensure timely updates and patching, using platforms like those provided by Foxguard, to mitigate known vulnerabilities in ICS components. - Employee Training: Equip staff with knowledge on how AI tools can be misused in cyberattacks and enhance overall cybersecurity awareness. - Incident Response Plans: Develop and regularly update robust incident response plans specifically to counter AI-driven attacks. By implementing these measures, critical infrastructure operators can significantly reduce the risk of AI-assisted threats.
  
• We’ve been really enjoying #GridSecCon2024 here in Minneapolis! If you’re attending or in the vicinity, there’s still time to visit us at Booth #16. Come by to discuss NERC CIP compliance, safeguarding your #CriticalInfrastructure, or to get expert advice on your cybersecurity concerns. Our team, John Fallon, Christopher Humphreys, and Scott Hudson, is here and ready to connect with you! As it’s #CybersecurityAwarenessMonth, it’s the perfect moment to have a conversation about keeping your systems secure. Let’s make sure you are secured and compliant. We look forward to seeing you there! If you can’t make it, feel free to contact us to set up a meeting with our experts. Contact us now to reach our sales team! https://lnkd.in/e4BQWxSK #OTCyber #NERCCIP
  If you are at GridScCon, I hope you are ready for the opening night reception. Make sure you stop by and say hi to me and the rest of the Foxguard team at Booth 16. #foxguard #gridseccon
  
• Foxguard reposted this
  We’re thrilled to feature Monta Elkins, Hacker-in-Chief at Foxguard, as a speaker at Hack The Railroad 2024 Conference! In his session, Monta will share practical insights and strategies for enhancing the security of firmware-driven devices. As a leading expert in cybersecurity, he specializes in ICS SCADA system security and has made significant contributions to the field, including being honored as the 2018 EnergySec Cyber Security Professional of the Year. With over 70 presentations at top-tier security conferences and his role as a principal instructor at SANS, Monta’s expertise is invaluable for anyone looking to strengthen their cybersecurity posture. With the conference just days away, don’t miss your chance to attend this enlightening session! Get your pass now: https://lnkd.in/esHHHihj #HTR24 #RailwaySecurity #Cybersecurity #FirmwareSecurity #ICS #Foxguard
  
• To patch or not to patch, or perhaps, when to patch? That is the question! 🔧 In OT environments, continuous operation is key. Here’s how companies are effectively managing patching and security: 1. Risk-Based Prioritization: Devices are categorized into tiers based on criticality. Tier 1 devices, crucial for operations, are patched with minimal disruption, while non-critical devices are updated during routine maintenance. 2. Vulnerability and Threat Assessment: Using tools like CVSS, CISA KEV, and the Cyberwatch platform, companies assess vulnerabilities and consider existing mitigations to reduce risk without immediate patching. 3. Patch Compatibility Testing: Patches are tested in simulated environments to prevent disruptions. Staged rollouts ensure stability before full deployment. 4. Single-Source Patch Management: Centralized systems provide visibility, automate deployment, and track compliance, easing the patching process. 5. Resource Allocation: High-risk patches are prioritized, and third-party services like Foxguard assist with continuous monitoring and management. 6. Balancing Risk and Operational Needs: Non-critical patches may be delayed if they pose a greater risk to operations, with temporary controls in place until safe patching is possible. In summary, critical infrastructure companies balance security and operational uptime through strategic prioritization, thorough assessments, and managed solutions. Foxguard can help with all of this! Rely on our experts to craft the perfect patching plan for you. Contact us now to reach our sales team! https://lnkd.in/eaqA4K8B #OTSecurity #PatchManagement #CyberSecurity #OperationalExcellence
  
  Helping YOU Secure ICS/OT | Fellow, ICS/OT Cybersecurity Global Lead
  1mo
  Vulnerability management in OT vs IT? IT and OT can be VERY different when it comes to patching. In IT... It's pretty much - PATCH NOW! A new patch is announced. And the teams get to patching! Sure, there are a few nuances there. But that's the gist of it. In OT... When a new vulnerability is announced, we ask... -> Do we need to patch NOW? -> Can the patch wait until the NEXT maintenance window? -> Do we even need to patch at all? NEVER? I know this sounds VERY strange if you're coming from IT! Because the two approaches are very different. But it ICS/OT, we have to ensure we don't break anything. If we break something, there is a potential for... -> Loss of life -> Harm to the environment -> Significant production downtime And what does that production downtime impact? -> Trains getting you to work on time? -> Families needing clean water to drink? -> Everyone wanting to flip a switch for a light to turn on? You get the idea. So in OT, we have to ask when a new patch or workaround is released... If we don't address this vulnerability, what does it impact? -> Loss of life? -> Harm to the environment? -> Significant production downtime? If the vulnerability presents zero risk to these areas, we'll NEVER address it. If there is critical risk identified, we need to address it NOW. And if there is some risk, we will address it at the NEXT maintenance cycle. Yes, there are more nuances to it. But again, you get the idea. P.S. What am I missing?
  
• The Australian Signals Directorate's Cyber Security Centre (ASD’s ACSC), in collaboration with the US Cybersecurity and Infrastructure Security Agency (CISA), has released a guide titled “Principles of Operational Technology Cybersecurity.” (https://lnkd.in/eSqPFeyi) This guide outlines six key principles specific to OT cybersecurity, highlighting how business decisions can impact OT environments and the associated risks. The six principles are: 1. Safety is paramount 2. Knowledge of the Business is Crucial 3. OT Data is extremely valuable and needs to be protected 4. Segment and Segregate OT from all other networks 5. The Supply Chain must be secure 6. People are essential for OT cybersecurity While all six principles are important, let’s focus on Principle 3, which emphasizes the value of OT Data and the need to protect it. This principle is foundational to our cybersecurity solutions and services. Principle 3 poses several questions about where and how OT Data is stored within your organization. These questions cover topics such as: - Corporate vs. OT Network segregation - Contractor and vendor OT Data access requirements - OT Data Destruction/Disposal - Defining and limiting OT Data storage to specific network areas - OT Data process controls to prevent unauthorized storage locations Foxguard's tiered assessments can help guide you through answering these questions, ensuring the protection and retention of OT Data. Additionally, our assessments evaluate the processes and controls in place for the Confidentiality, Integrity, and Availability of OT Data, aligning them with security best practices and compliance frameworks such as NIST, CIS Benchmarks, and NERC CIP. Lastly, our Asset, Vulnerability, and Patch Management solutions are core components of our OT Cybersecurity philosophy, reinforcing the protection of OT Networks and the associated data as our top priority. For personalized guidance and expert advice on OT cybersecurity, don’t hesitate to reach out to our specialists—your data’s safety is just a conversation away! Contact us now to reach our sales team! -> https://lnkd.in/e4BQWxSK
  
• Foxguard reposted this
  
  Cybersecurity Solutions Architect at Foxguard Solutions
  1mo Edited
  I had a fun time representing Foxguard this morning with my presentation on “Cyber threat Incident Simulator” and how Foxguard and CORYS are working together to provide the Transportation industry world class services and products! One way to protect critical infrastructure is to be able to train our workforce, enabling them to adapt to cyber incidents when they inevitably happen, de-risking organizations along the way. John Fallon and I are having a productive time at our first SimTech conference hosted by Corys, and are grateful to Nicolas Lacand, Greg Hayes, and their fantastic team to be able to present on these important topics. We will be around and ready to answer questions from our industry peers. #SimTech #CyberSecurity #SimTech2024
  

Join now to see what you are missing

Join now

Affiliated pages

Similar pages

Browse jobs

• Chief Security Officer jobs 4,472 open jobs
• Director jobs 1,374,979 open jobs
• Engineer jobs 608,159 open jobs
• Design Engineer jobs 145,170 open jobs
• Director Data Science jobs 6,776 open jobs
• Developer jobs 344,797 open jobs
• Contract Administrator jobs 63,989 open jobs
• Cloud Architect jobs 65,336 open jobs
• Software Tester jobs 9,805 open jobs
• Operational Specialist jobs 79,719 open jobs
• Data Engineer jobs 241,686 open jobs
• Coordinator jobs 540,291 open jobs
• Scientist jobs 59,545 open jobs
• Consultant jobs 820,324 open jobs
• Frontend Developer jobs 21,616 open jobs
• Junior Software Engineer jobs 430,217 open jobs
• Data Analyst jobs 550,881 open jobs
• Project Manager jobs 312,603 open jobs
• Senior jobs 1,142,468 open jobs
• Sales Manager jobs 348,591 open jobs