Security Update Management

Maintain system security without compromising its integrity 
Overview
Cybersecurity attacks targeting Industrial Control Systems (ICS) are increasingly becoming more sophisticated and frequent. Timely deployment of security patches is a key element of improving and maintaining system security over its asset lifecycle. However, with the requirement for uptime being paramount, it is important that security updates be properly validated prior to getting deployed on production environment.  
What Is It? 
CCC Security Update Management (SUM) service is designed to help asset owners deploy critical updates with confidence by providing rigorously tested OS and application patches monthly. 
How Does It Work? 
The Security Update Management service includes the delivery of monthly software security updates as well as a patch qualification report covering the following components on supported system configurations: 

• Windows Security Updates 
• TrainTools 
• TrainView 
• Trellix/McAfee Endpoint Security 
• Adobe Acrobat Reader 

Each month, newly released security updates go through a validation process at CCC’s security test lab using real control system equipment. Only qualified security updates will be released to subscribers for deployment by asset owner - either individually or centrally - or by a qualified CCC service personnel through on-site visits. 
What Problems Does It Solve? 

• Reduce Risks: Applying qualified security patches regularly reduces security risk as well as the risk of potential downtime from deploying unqualified patches. 
• Improves Compliance: Many organizations have cybersecurity policies for ICS assets in terms of the frequency of security patch deployments as well as vendor qualification of those patches. SUM service helps you achieve compliance.