Introduction
Critical infrastructure has been targeted by nation states, and power grids are increasingly becoming a target of cyber-attacks.

  • In 2009, Stuxnet was used to destroy Iranian nuclear facilities.
  • From 2010 to 2013, powerful nation-state-sponsored malware platforms targeting energy systems (including OT) were uncovered and made public: Stuxnet, Flame, Duqu and Gauss.
  • In 2015, Russian hackers used manual methods to take down the Ukrainian power grid.
  • In 2016, the Russian malware platform ‘Crash Override’ was used to attack the Ukrainian power grid and cripple it, in a completely automated fashion.
  • In 2017, the Irish power grid was compromised by a foreign actor via malware. Ireland is a neutral country and not part of NATO.
  • In 2017, multiple energy and nuclear facilities, based in the USA, were targeted by foreign actors.
  • In 2017, Siemens sponsored a report stating that the state of cybersecurity defense in the energy sectors was inadequate to deal with the level of cyber threats. They urged investment in new technologies to counter these attacks.
  • In 2018, seven natural gas pipeline operators in the USA were targeted by foreign actors using malware.

An effective cyber-attack on Operational Technology, SCADA systems and Industrial Control Systems (ICS) can be disastrous. It can impact processes, assets and investments, damage reputation, and even be life-threatening. A robust cyber security program is necessary.

Challenges
Adding to the complexity of ICS and OT systems, the goals of IT departments can be fundamentally different from those of process control departments. The IT world typically sees performance, confidentiality, and data integrity as paramount, while the ICS world sees human and plant safety as its primary responsibility, and thus system availability and data integrity are core priorities. Other core differences include reliability requirements, incident impacts, performance expectations, operating systems, communications protocols, and system architectures. This can mean significant differences in how security practices are implemented.
Multiple regulatory standards and frameworks exist for implementing a comprehensive cybersecurity program for an organization.



Our ICS Security consulting practice is led by industry veterans who have managed similar practices at large organizations such as GE in the past. Supported by a team of OT and IoT security specialists, we bring to the engagement not just deep technical expertise but also a comprehensive understanding of compliance frameworks and how they can best be adapted to the risks that your OT environment faces.

Consulting, Advisory & Professional Services
There are critical operational differences between ICS and IT systems that influence how specific security controls should be applied to the ICS. The NII ICS Cybersecurity Team guides organizations to develop and deploy a robust ICS security program.
ICS security plans and programs should be consistent with and integrated with existing IT security experience, programs, and practices, and must be tailored to the specific requirements and characteristics of ICS technologies and environments. Organizations should review and update their ICS security plans and programs regularly to reflect changes in technologies, operations, standards, and regulations, as well as the security needs of specific facilities.
Securing and protecting industrial assets is one of the key goals for industrial organizations.

Discovery

  • ICS Network & Dataflow Diagrams
  • ICS Asset Inventory

Analysis

  • ICS Cybersecurity Gap Assessment
  • ICS Cybersecurity Vulnerability Assessment
  • ICS Cybersecurity Risk Assessment
  • ICS Cybersecurity Strategy Development
  • ICS Cybersecurity Requirements Specification Development

Remediation

  • Industrial Network Secure Architecture Design
  • Industrial Firewall Design/Commissioning
  • ICS Access Control
  • ICS Remote Access
  • ICS Wireless Communications
  • ICS Security Hardening
  • ICS Cybersecurity Acceptance Testing

Sustainment

  • ICS Security Monitoring and Intrusion Detection
  • ICS Change Management
  • ICS Patch Management Support
  • ICS Malware Prevention
  • ICS Backup and Restore
  • Periodic ICS Cybersecurity Audits

Why Network Intelligence
The following are some of the key differentiators of our ICS Security Practice:

  • A mature and experienced team that understands the differences between OT and IT security challenges and solutions
  • A comprehensive understanding of relevant regulations and frameworks that are applicable for the critical infrastructure sectors
  • Numerous successful projects executed across energy, manufacturing, and pharmaceutical clients
  • Technology coverage includes equipment from OEMs such as Honeywell, GE, ABB, Schneider, Yokogawa, and others
  • Technology partnerships with ICS Security specialist companies such as CyberX, Tripwire, and Tufin

ICS Security Training course
We are now at the cusp of a major change in the way we address ICS/OT Security. With the advent of Industrial IoT (IIoT), previously isolated infrastructure is now exposed to the cloud.
There has been an upsurge of cyber threats to industrial control systems, but the unique nature of those ICS/OT environments requires special methodologies to secure them. Many organizations are discovering that current IT security controls are inadequate to tackle ICS/OT security. At the same time, from a people perspective, there is a major disconnect between the OT and IT Security teams. OT teams believe they have a good handle on security risks, whereas IT Security teams approach OT Security with the same philosophy they apply to IT, but that doesn't work. To keep up with the growing threat landscape, organizations acknowledge a need for first-hand cybersecurity skills, and are looking for better awareness and ICS/OT-specific training for both Operational Technology employees and IT security professionals.
Effective cyber security for operational environments requires a common understanding of best practices, awareness of emerging threats, and attention to existing vulnerabilities. Our 2-day comprehensive OT Security Training program is completely focused on bridging this gap, creating a high level of awareness, and providing practical insights to participants looking to address OT security challenges.