Budenberg Middle East LLC

Dead Weight Testers I Master Test Gauges I Pressure Calibrators I Temperature Calibrators I Multifunction Calibrators I Electrical Test Equipment I Pressure & Temperature Gauges I Valves I Temperature Sensors I Cables I Mixers

IT / OT AUDIT

What we offer?

BME provides enterprises with customized and cost-effective Security Solutions and Services from TCG Digital that is both technical and strategic. Thus protecting its clients with the most appropriate solutions for their specific security challenges.

TCG Digital has a commercially available state-of-the-art IT / OT AUDIT in their portfolio customized for Industrial Control Systems.

About IT / OT Audit

The word “risk” used to be synonymous with “safety hazards”, in the Manufacturing industry. Today, industrial risk, concerns about protecting industrial control systems (ICS) from cyber threats, which might result in a “safety hazard”.

The Wanna Cry and ExPetr ransomware attacks that swept the globe in 2017 taught both security experts and cybercriminals that operational technology (OT) systems are more vulnerable to attack than information technology (IT) systems. These attacks caused outages at utilities in the U.S. and Europe, as well as at manufacturers, telecoms, and public transportation systems.

Industrial Threats Come in Many Forms

Now the above example isn’t the only cyber risk to industrial control systems. Attacks are happening today by nation-states, APT Groups and industrial spies; objective is to exfilterate data from OT systems to monetize, steal intellectual property such as manufacturing blueprints or formulas, deny service or do damage to the plants.

Not all threats are based on Cyberattacks, there are accidental ones to. For example, the manufacturing line for a large automaker was shut down completely for more than 24 hours when a system integrator made a planned change on the wrong PLC. The error occurred because the hard copy asset spreadsheet he was working from was out of date and inaccurate.

Whether by accident or attack, all of these developments should have manufacturing leaders considering their options for protecting their operations from unintended or unauthorized changes.

Challenges Observed in OT security

Cybersecurity efforts in operations systems lag far behind the IT arena. Based on our assessments of different ICS based systesm we have seen some common trends across industries:

  1. Companies lack visibility into all the ICS assets they need to protect. Without automated asset management software providing constant updates, their existing asset inventory may well be outdated.
  2. Security attributes haven’t necessarily been in-built in ICS devices. This is just like the popular TCP/IP protocol. Many PLCs, RTUs, HMIs, engineering workstations, OPC servers, etc. were not designed with security in mind. But with industries adopting 4.0 the convergence has dissolved the “air gap” that once was a forte. 
  3. You cannot stop production to do updates to firmware to fix vulnerabilities. Maintenance of OT devices has to be planned long in advance, so it might be months before a system can be taken offline long enough to make updates to device security. In the meantime, a company must live with the vulnerability or find an alternate way to mitigate the risk from the threat.

Cybersecurity efforts in operations systems lag far behind the IT arena. Based on our assessments of different ICS based systesm we have seen some common trends across industries:

  1. Companies lack visibility into all the ICS assets they need to protect. Without automated asset management software providing constant updates, their existing asset inventory may well be outdated.
  2. Security attributes haven’t necessarily been in-built in ICS devices. This is just like the popular TCP/IP protocol. Many PLCs, RTUs, HMIs, engineering workstations, OPC servers, etc. were not designed with security in mind. But with industries adopting 4.0 the convergence has dissolved the “air gap” that once was a forte. 
  3. You cannot stop production to do updates to firmware to fix vulnerabilities. Maintenance of OT devices has to be planned long in advance, so it might be months before a system can be taken offline long enough to make updates to device security. In the meantime, a company must live with the vulnerability or find an alternate way to mitigate the risk from the threat.

Solution

It’s critically important to plug the ICS cybersecurity gaps. Toward this end, TCG uses the NIST, Framework for Improving Critical Infrastructure Cybersecurity to provide guidance on protecting industrial control systems and their environment. Using this framework TCG ICS Specialists work in the following key areas:

 

Automated Asset Discovery and Management

  • An effective ICS security strategy requires that an organization know exactly what assets it has, their configurations and related activities. This requires automated asset discovery to gain situational awareness, see the big picture and simplify ongoing asset management. This includes the ability to discover and report dormant or non-            communicating assets, and continuously update asset details, tracking all changes with extensive information to support backup and recovery.

Network Activity Monitoring and Anomaly/Threat Detection

  • Monitoring internal and external device communications and protocols within industrial networks using security policies can detect security threats and anomalies.

Controller Integrity Validation

  • Detecting changes to controllers made over the network or by physically connecting to the devices, including configuration changes, code changes and firmware downloads is essential for preventing failures, outages and/or physical damage.

Vulnerability Assessment and Risk Management

  • This involves performing routine vulnerability assessments on all control devices to identify missing patches and misconfigurations and risk score each device for remediating conditions that create security exposures.

Incident Detection and Response

  • This is the ability to generate real-time alerts on suspicious activities and threats detected in the ICS network. It includes the ability to create a full audit trail of all ICS activities and maintain historical controller information to support backup and recovery.

Finally, we help you integrate these capabilities IT security technologies already in use by the organization, such as security information and event management (SIEM) software.

To know more about “TCG ICS Security Practice” please contact us .