IN ALLIANCE WITH OUR PARTNERS, WE HAVE DEVELOPED
A UNIQUE AND ROBUST INDUSTRIAL CYBER SECURITY SOLUTION PACKAGE
INDUSTRIAL CYBER SECURITY
In the past, industrial control systems used to operate in isolated networks, with no connection to the outside world. Today this is no longer the case, as many devices used in plants are networked and connect to the internet. This has created security risks of both internal and external malicious attacks within plants.
In alliance with our partners, we have developed a unique and robust industrial cyber security solution package. To that effect, Dickinson Technologies also provides detailed cybersecurity risk assessments for plants, outlining potential attack vectors and any existing vulnerabilities present.
OT/ICS SECURITY SERVICES
CYBER ASSESSMENT SERVICES
Inventory Assessment Service
MANAGED CYBER SERVICES
Continuous Compliance and Assurance
Endpoint Threat Protection
Inventory Management Service
CYBER RESPONSE SERVICES
Analysis and Investigation
OT/ICS CYBER ASSESSMENT SERVICES
Understanding the risk posed to the Operating Technology and Industrial Control System environments in order to plan and remediate the risk through a structured approach.
INVENTORY ASSESSMENT SERVICE
This service provides an accurate assessment of the OT and ICS assets deployed in an industrial environment. Most OT and ICS environments are built over extended periods and the documentation of the actual inventory is generally very poor. Attempting to protect an environment without understanding the inventory is impossible. In addition, interdependencies are documented to eliminate risks and enable the optimization of processes.
This service executes a comprehensive cyber assessment of the OT and ICS environments and provides a remediation plan and roadmap to address the risks uncovered. This service includes the Inventory Assessment and Vulnerability Assessment services as input but further assesses the environment against the chosen Cyber Security Framework (CSF) to address people and process vulnerabilities in addition to technical vulnerabilities which the other services address.
This service assesses the vulnerabilities in the OT and ICS environments. This service includes the Inventory Assessment Service as part of its output as it is imperative to know the inventory in order to determine the vulnerabilities in the environment. This service ensures that the actual risk that the environment is exposed to is understood. Its output ensures that applicable remediation strategies can be planned. Periodic repetition is important to ensure that changes in the environment are tracked and new vulnerabilities discovered since the last assessment was uncovered.
This service provides periodic assurance that the OT and ICS environment conforms to defined configuration and vulnerability management best practices. This is an independent verification or audit service to determine that the inventory of assets is correctly documented and configured to reduce the attack surface to provide assurance to the risk and audit committee that the OT and ICS environment is protected to an appropriate standard.
OT/ICS MANAGED CYBER SERVICES
Managing the OT and ICS environment to ensure that it is appropriately protected on a continuous basis.
CONTINUOUS COMPLIANCE AND ASSURANCE
This service continuously provides assurance that the OT and ICS environment conforms to defined configuration and vulnerability management best practices.This is a continuous verification or audit service to determine that the inventory of assets is correctly documented and configured to reduce the attack surface to provide assurance to the risk and audit committee that the OT and ICS environment is protected to an appropriate standard.
This service determines the vulnerabilities in the OT and ICS environments on a periodic basis and ensures that the actual risk that the environment is exposed to is understood and managed on a continuous basis. Its output ensures vulnerabilities are discovered as they become known and can be provided to control engineers to remediate as soon as production allows. The service reports vulnerabilities based on the discovered inventory when the vulnerability scans are conducted on a periodic basis.
ENDPOINT THREAT PROTECTION
This service confirms that every single ICS change was authorized and had a valid MOC entry. The endpoint for every ICS modification will be investigated to determine the cyber security impact. This will involve a detailed review of the underlying ICS software program (i.e. ladder logic, FBD, SFC, and Structured Text) against an established baseline. This service is vital in critical production and industrial environments where service interruption is not an option.
This service provides an accurate continuously updated inventory of the OT and ICS assets deployed in an industrial environment. This is done independently of the control engineering team to ensure independent updating is conducted. This service is useful in that it documents interdependencies to eliminate risks and enable optimization of processes on a continuous basis.
OT/ICS CYBER RESPONSE SERVICES
When a cyber incident impacts an OT and ICS environment it must be possible to understand the root cause, gather evidence, act against the perpetrators and be in a position to restore production as quickly as possible.
ANALYSIS AND INVESTIGATION
This service investigates a cyber incident to understand the root cause, analyses data to understand the impact, and assist in remediating the underlying risk to prevent future reoccurrences. The service is often the starting point for a larger risk management process that is triggered due to a cyber incident. The service investigates the incident utilizing the required tools and processes and produces a detailed incident report with root causes and recommendations on remediation.
This service is similar to the Analysis and Investigation service, but with the addition of a forensic investigation approach. The forensic investigation approach ensures that evidence is gathered on a forensically sound basis to preserve the chain of evidence so that the evidence can be used in legal proceedings. The service employs further forensic investigation and evidence collection tools to ensure the chain of evidence is preserved. The service produces an incident report with gathered and protected evidence in support of the report.
This service ensures that the OT and ICS environment is properly documented, and configuration management is in place to collect configuration backups and preserve them in case of disaster. The service addresses processes required to collect backups and the required processes to restore the systems in case of disaster. It assists in creating a recovery plan to ensure the organisation is prepared in case of a disaster and assists the organisation with training in order to simulate a disaster situation. The service employs disaster and recovery frameworks as guidance to prepare and plan.