For operators and owners of power generation systems, maintaining compliance and guarding against evolving cybersecurity threats represent critical, continuous imperatives. So it’s vital to quickly apply patches and fixes when vulnerabilities are identified. However, for resource-constrained operations teams, these patch validation, testing, and deployment efforts can present a number of challenges:
As part of the program, GE Vernova will test and validate antivirus (AV) and host intrusion detection (HID) signature updates as well as operating system (OS) patches for the GE Mark Series controls. First, we’ll verify whether these new releases apply to your environment, and based on that, we’ll establish a list of candidates for testing.
Once patches are tested and validated, we make them available to customers via a secure web portal. We provide cumulative updates so that your organization can stay completely up to date with the latest releases, even if an earlier update wasn’t applied. By delivering these packages, we make it easy for your team to incorporate updates into your transfer and change management processes.
The patch validation program is available as a stand-alone offering. We deliver scripted files that automate the deployment of patches and antivirus updates. Your organization can deploy these patches using GE Vernova's cybersecurity solution, which brings centralized management to the deployment process, reducing the need to run patch deployment tools locally on each system being patched.
The patch validation program helps your team more quickly and consistently apply patches and other mitigation tactics, so you can more effectively safeguard your environment and adhere to cyber security best practices.
With this program, you can more consistently and comprehensively comply with a number of government and industry cyber security standards, including North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP), Nuclear Energy Institute (NEI) 08-09, and ISA 99/IEC 62443-2-4.
By employing the program’s validated, pre-packaged updates, your organization can avoid the potential risks of implementing patches that can have a negative impact on production environments.