Total Projects Executed
Total Person Hours
Total Contracts Value ($)
Executing projects in Control & Automation Systems for over 30 years covering the full life cycle from Concept to Design, Engineering, Contruction, Commissioning, Start-up and Process Optimisation has resulted in diverse experience and us delivering real value to our customers. We look forward to working with you to delivering your requirements.
As the Internet of Things (IoT) promises powerful business outcomes from connected sensor-based solutions, the Operations Technology (OT) business challenge is that cyber attacks on operational environments threaten both safety and productivity. Asset owners, system operators and system integrators need to protect against these threats to ensure operational safety and maximum uptime.
With automated production systems becoming more interconnected, the exposure to cyber incidents increases and attacks and disruptions on critical infrastructure put reputation, production, people and profits at risk.
This has left us with a new reality: If it’s connected, it needs to be protected.
Abalto can help you to defining a Security Posture Baseline as it is important to understand the steps required to implement a security strategy. We identify and initiate these steps to review a security maturity model, with clear actions outlined in a business environment:
Stage 1 Assess
Identify immediate security issues that can impact operations, even if the environment is thought to be “air gapped.” Common findings from expert assessments include unapproved wireless access points or unsafe software, vulnerabilities that attackers can easily exploit. Many immediate issues can be fixed quickly to reduce cyber threat risk.
Stage 2 Protect
Implement security monitoring and defensive layers to comply with standards and strengthen the security posture. Lower the risk of security exploits by using technical solutions, such as purpose-built industrial control security equipment. Set up automation and patch management tools to simplify and expedite security administration. Train teams on what to look for and how to respond to cyber activities, just as training is mandatory for operations safety.
Stage 3 Prevent
For sophisticated organisations, pursue proactive and predictive security measures such as running attack scenarios on cloud-collected data. “Digital twins” can replicate operating environments and simulate defences to measure threat impact and improve security. Regular assessments and security health checks can monitor dynamic environments. Across all stages, it is critical to maintain a constant vigilance to ensure basic security hygiene is implemented and cyber security policies are enforced.
Here are our 4 steps for better OT network resilience:
Step 1 – Select an advanced OT focused ICS vulnerability protection suite
Select a security vendor that offers an extensive set of Integrated Control System (ICS) specific vulnerability signatures, designed to thwart exploits and exploit variants. These should be more powerful than traditional IT threat signatures. The proper OT focused security solution should be able to defend against unknown threats, including zero-day attacks, that exploit a root vulnerability.
Step 2 – Establish baseline for network communications
Observe and record all OT network communications to establish traffic patterns to determine “what’s normal.” This becomes the baseline for OT network communications whitelisting, the strongest form of cyber security policy creation. Having a baseline allows system operators to make informed decisions about communications integrity across their controls networks.
Step 3 – Conduct network communications whitelisting
Building on the baseline, leverage OT network communications whitelisting to enable operators to block, allow or simply alert on all traffic that isn’t match an established policy. Operators gain more control and reduce complexity associated with unnecessary traffic. This approach prevents attackers from misusing protocol commands, such as “shutdown,” “scan,” or “factory reset,” as well as parameters such as “set point.”
Step 4 – Segment the OT network
The OT security solution should utilise a drag-and-drop interface that allows an operator to quickly segment an OT network, without the need to reconfigure or re-engineer. Zone specific whitelist policies also help minimise unexpected downtime by preventing lateral movement of ICS infections. This methodology is unlike traditional VLANs or other segmentation techniques.
Site Security Health Check includes the following Tasks:
- Customer Goal – Rapidly gain high-level insight into current operational security posture
- Security Gap Analysis – Targeted
- Architectural Review – Scaled
- Findings Report – Scaled
- Information Gathering
- Documentation Review – Scaled
- Interviews & Onsite Inspection – Analyst 1 day at site
- Risk Assessment – Scaled
- Risk Mitigation Recommendations – High level general direction
Site Security Assessment includes the following Tasks:
- Customer Goal – Comprehensive view of security posture
- Security Gap Analysis – In Depth
- Architectural Review
- Findings Report
- Close-out Presentation
- Detailed Asset Review Workbook
- Information Gathering
- Documentation Review
- Interviews & Onsite Inspection – Senior Analyst 2-days on-site
- Technical Testing
- Offline Data Analysis
- Risk Assessment
- Risk Mitigation Recommendations – Prescriptive, detailed strategies
Actionable Cyber Security Report Including:
- Executive summary
- Assessment methodology overview
- Risk criteria and threat model
- Risk assessment
- Assessment observations (people, architecture and technology)
- Prioritised recommendations and mitigations
- Security roadmap
Asset Review Workbook includes:
- Security posture assessment including all the collected raw data
- Detailed analysis of potential cyber security risks for systems including: system policies, account and password controls, installed security and software, patch versions, configuration settings and network information.
Result Presentation Includes:
- Overview of the process and the results for management
- High-level summary of the full report including identified weaknesses and recommended mitigations