Cybersecurity of ICS (Industrial Control Systems)
The connectivity of Industrial Control Systems with enterprise and IT networks is increasing, driven by Industry 4.0 and the ever-growing need for data availability for operations & business users. ICS’s are no more isolated from the threats that were typically faced only by IT networks in the past. That, combined with the fact that Automation systems were traditionally not designed with Cybersecurity considerations, makes these systems extremely vulnerable to Cyber attacks.
In the past, Automation systems were less of a target for cyber attacks. This has changed over the years. According to recent survey report, 54% of companies experienced an ICS security incident in the past 12 months.
Security of Automation systems is even more critical because an attack on Automation systems can not only cause disruption to the production and business operation, but it can also potentially impact the safety and environment of the plant and its vicinity. In worst cases, it can cause loss of life.
Even though many of the technologies used in an Automation system are the same as in IT environment (e.g. Computers, servers, software, networking equipment), the needs and priorities of an Automation system security are not the same as for an IT network. Typical IT Cybersecurity policies, standards, and procedures cannot be employed to secure an Automation system without careful consideration. Securing the Automation systems requires strong knowledge of the automation technologies as well as the operational needs and priorities.
Our engineers have the required skills and knowledge of Automation technologies, networks, IT, and cybersecurity to secure your Automation systems without impacting the plant operation.
Existing systems:
For your existing ICS installations, we offer the following Cybersecurity services:
- Develop Asset inventory and management framework
- Develop data flow diagrams
- Perform gap and vulnerability assessment
- Perform risk assessment
- Recommend and implement countermeasures (Defence-in-depth)
- Design and implement secure system architecture and interfaces (Zones and Conduits model)
- Design and configure industrial firewalls & DMZs
- Perform systems and network hardening (wired and wireless networks)
- Implement user account management and access control
- Develop policies, standards, and procedures
- Identify applicable regulatory compliance requirements
- Conduct compliance audits
- Develop CSMS (Cyber Security Management System)
- Develop disaster recover procedures
New installations:
For greenfield projects, we can partner with you in the following areas:
- Develop requirements and specification for ICS Cybersecurity
- Develop Cybersecurity Framework
- Design Cybersecurity Management System
- Design secure integrated architecture
- Develop policies, standards, and procedures
- Review network design and architecture
- Perform risk assessment on ICS design
Operations & Maintenance support:
We also offer following services for Cybersecurity life-cycle management for your ICS
- Security Patching and updates deployment
- Disaster recovery testing
- Compliance audits
- Network and system monitoring
- Periodic gap and vulnerability assessment
ICS Cybersecurity training:
We offer standard training as well as customized courses on different ICS Cybersecurity topics including:
- Cybersecurity awareness training
- Operational security for control systems
- Managing Cybersecurity of ICS
- Cybersecurity design basics
- Cybersecurity Assessment
- ISA/IEC 62443 certification preparation