Critical infrastructure security

Supervisory Control and Data Acquisition (SCADA) systems include applications that perform vital functions and deliver core support services as part of a critical Operation Technology (OT) infrastructure. SCADA, core of Industrial Control Systems (ICS) operates at many modern industries. These systems and applications are key to providing essential services and commodities, such as energy, manufacturing, oil, gas and other utilities. 

Many industries that are heavily involved with process control exploit the internet to:

• facilitate remote system access and control
• integrate supply chains
• centralize information databases

Process efficiencies are also gained by connecting private and public networks, such as enabling field devices to connect with Corporate LANs as well as the internet.

However, this can lead to a security breach to these systems and can result in severe reputational and financial consequences. The threat of a cyber-attack to SCADA systems presents a serious security risk for many organizations operating at a local, national and global level. 

We conduct audits and gap analysis to identify your SCADA security risk profile, benchmarking the controls that are in place against industry standards and best practices.

We identify measureable packages, which quantify those risks and develop appropriate mitigation strategies. These strategies can be planned into future projects and undertaken using a standards-based approach. 

Our team of experts can deliver and implement key mitigation projects on your behalf.

These range from project management of mitigation activities to the installation and commissioning of specific technical controls including industrial firewalls, data diodes and secure gateways. 

We apply our client engagement methodology to ensure effective planning and measurement are central parts of these mitigation projects.

Our expert SCADA penetration testing team offers a comprehensive review of your SCADA/ICS system. This assessment can take on many forms, including reviews of relevant policies and procedures, architecture review, physical security assessment, infrastructure penetration testing, segregation testing and build review exercises.

By assessing systems from multiple vantage points, we can achieve a holistic view of the security posture of your SCADA/ICS systems.

We have developed an industrial control cyber lab, a specialist facility designed to test the security of industrial control systems.

We can provide vulnerability analysis and code testing for a range of SCADA operating systems. 

Certified Lead SCADA Security Professional 

We run a five-day intensive course where you can develop the necessary skills to plan, design, and implement an effective program to protect SCADA systems.

You'll be able to identify common industrial control system threats, vulnerabilities, and risks and understand how they can be managed. This training focuses on giving you a mixture of knowledge and skills related to SCADA/ICS security.