NEW SANS Stay Sharp Training - Live Online: Quickly sharpen your skills with 2-day management courses. Save 25% thru tomorrow!


Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.

SANS Institute Provides Guidance on Building a Successful ICS Asset Identification Program

New report explores the benefits of ICS asset identification that resonate with senior management and offers recommendations for a successful program.

  • Bethesda, MD
  • June 19, 2020

A new report from the SANS Institute, “ICS Asset Identification: It’s More Than Just Security,” provides expert guidance to help Industrial Control Systems (ICS) security professionals learn how to articulate the ROI benefits of a successful asset identification program to senior leadership. Recommendations in the report will be shared and discussed in two webcasts on June 25 and July 15.

“Asset identification is absolutely fundamental to all of the other elements in a security program,” says Mark Bristow, report author and SANS ICS Active Defense and Incident Response Certified Instructor. “Without it, you truly have a house built on sand.”

A strong understanding of the assets on the ICS network is essential to effectively managing risk and securing operations, yet asset identification continues to be a top concern for ICS security professionals, as results of the SANS 2019 State of OT/ICS Cybersecurity Survey show. This is due, in part, to the challenge presented in effectively communicating the broader business benefits of asset identification to senior management, as it has historically been viewed as a costly and time-consuming cybersecurity effort.

The SANS report explores the many advantages for asset identification beyond the cybersecurity benefits and offers guidance to help security professionals make the business case to get the investment and resources required to develop and implement a successful asset identification program.

“As security practitioners, we often see the overall value of the domain we spend our life's work pursuing as self-evident, but it is not to everyone,” says Mark Bristow. “It's critical that we understand the needs of those we serve and work for, so that we can effectively communicate the importance of work such as asset identification in concepts they can appreciate so that we can move forward. Without the support of operations and the business, security will never be successful.”

Webcast Details

The recommendations and guidance provided in the report will be presented in detail by report author Mark Bristow in a webcast on Thursday, June 25 at 1:00p.m. EDT (17:00 UTC), sponsored by Cisco, Palo Alto Networks, PAS, and Tenable, and hosted by SANS Institute. Register to attend the webcast at

Get additional perspective on the report in a second webcast on Wednesday, July 15 at 1:00p.m. EDT (17:00 UTC), in which representatives from Cisco, Palo Alto Networks, and Tenable will join a panel discussion with report author Mark Bristow. Register to attend this webcast at

Those who register for either webcast will be among the first to receive their copy of the report, “ICS Asset Identification: It’s More Than Just Security,” written by Mark Bristow, SANS analyst, instructor, and ICS security expert.

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals in government and commercial institutions worldwide. Renowned SANS instructors teach more than 60 courses at In-Person and Live Online cyber security training events, and more than 50 courses are available anytime, anywhere with our OnDemand platform. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers a master’s degree, graduate certificates, and an undergraduate certificate in cyber security. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to easily and effectively manage their ‘human’ cybersecurity risk. SANS also delivers a wide variety of free resources to the InfoSec community including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system – the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to support and educate the global information security community. (