SANS Institute Provides Guidance on Building a Successful ICS Asset Identification Program

Bethesda, Md. – A new report from the SANS Institute, “ICS Asset Identification: It’s More Than Just Security,” provides expert guidance to help Industrial Control Systems (ICS) security professionals learn how to articulate the ROI benefits of a successful asset identification program to senior leadership. Recommendations in the report will be shared and discussed in two webcasts on June 25 and July 15.

“Asset identification is absolutely fundamental to all of the other elements in a security program,” says Mark Bristow, report author and SANS ICS Active Defense and Incident Response Certified Instructor. “Without it, you truly have a house built on sand.”

A strong understanding of the assets on the ICS network is essential to effectively managing risk and securing operations, yet asset identification continues to be a top concern for ICS security professionals, as results of the SANS 2019 State of OT/ICS Cybersecurity Survey show. This is due, in part, to the challenge presented in effectively communicating the broader business benefits of asset identification to senior management, as it has historically been viewed as a costly and time-consuming cybersecurity effort.

The SANS report explores the many advantages for asset identification beyond the cybersecurity benefits and offers guidance to help security professionals make the business case to get the investment and resources required to develop and implement a successful asset identification program.

“As security practitioners, we often see the overall value of the domain we spend our life's work pursuing as self-evident, but it is not to everyone,” says Mark Bristow. “It's critical that we understand the needs of those we serve and work for, so that we can effectively communicate the importance of work such as asset identification in concepts they can appreciate so that we can move forward. Without the support of operations and the business, security will never be successful.”

Webcast Details

The recommendations and guidance provided in the report will be presented in detail by report author Mark Bristow in a webcast on Thursday, June 25 at 1:00p.m. EDT (17:00 UTC), sponsored by Cisco, Palo Alto Networks, PAS, and Tenable, and hosted by SANS Institute. Register to attend the webcast at

Get additional perspective on the report in a second webcast on Wednesday, July 15 at 1:00p.m. EDT (17:00 UTC), in which representatives from Cisco, Palo Alto Networks, and Tenable will join a panel discussion with report author Mark Bristow. Register to attend this webcast at

Those who register for either webcast will be among the first to receive their copy of the report, “ICS Asset Identification: It’s More Than Just Security,” written by Mark Bristow, SANS analyst, instructor, and ICS security expert.

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals in government and commercial institutions world-wide. Renowned SANS instructors teach more than 60 courses at in-person and virtual cyber security training events and on demand. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers a master’s degree, graduate certificates, and an undergraduate certificate in cyber security. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to easily and effectively manage their ‘human’ cybersecurity risk. SANS also delivers a wide variety of free resources to the InfoSec community including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system–the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to support and educate the global information security community. (