About Industrial Cyber Security

Leveraging your most powerful intelligence tool

What is Industrial Cyber Security?

Industrial Cyber security protects the data and integrity of computing assets belonging to or connecting to an organization's network. Its purpose is to defend those assets against all threat actors throughout the entire life cycle of a cyber attack.

ICS RISKS AND REASONS

VECTORS OF ATTACKS

SOLUTION STRUCTURE, DEEP DIVE

    Technologies

  • Centralized management
    • Single management console
    • Software provisioning
    • Policy management
    • Reporting

  • Integrity Control
    • Whitelisting
    • Device control
    • Network Integrity control
    • Process Integrity control
    • PLC Integrity control

  • Anomaly Detection
    • Network Attack Blocker
    • Firewall
    • IDS
    • Automatic Exploit prevention

 

  • Anti-malware
    • Signature-based
    • Proactive defense
    • Malware actions rollback

  • Forensics
    • Safe event logs
    • Data analysis

  • Interoperability
    • SIEM
    • HMI
    • Syslog
    • Network management system
    • Mail

    Services

  • Knowledge
    • Cybersecurity Trainings
    • Intelligence (reports and feeds)
    • Industrial Simulations

  • Expert Services
    • Security Assessment
    • Penetration Testing
    • Solution Implementation
    • Incident Response

CYBER SECURITY IS A PROCESS NOT A PROJECT

ICS For Network VS Threats And Risks Factors

Threats and Risks factors KL Technologies to address
Appearance of unauthorized network devices at industrial network Network Integrity Control detects new / unknown devices
Appearance of unauthorized communications at industrial network Network Integrity Control communications between known devices
Malicious PLC commands by:
  • Operator or 3rd party (e.g. contractor) by mistake
  • Insider (fraud actions)
  • Attacker / Malware
Monitoring of communications to and from PLCs and control of commands and parameter values of tech process;
Lack of data for operators on cybersecurity incidents Alerts on suspicious tech process parameter changes and malicious to operator (via HMI integration)
Lack of data for investigation and forensics Forensics tools: monitoring and safe logging of industrial network events

Industrial Cyber Security Services

Knowledge

Cybersecurity and awareness trainings,Intelligence (threat feeds and reports),Industrial simulations (e.g. KIPS)

Expert

CyberSecurity Assessment (CSA) incl. PenTesting, Solution maintenance, Incident response

TAKEAWAYS

  • Threats to Industrial and Critical infrastructures are very real
  • Attack vectors to ICS are various
  • Unawareness and unreadiness of ICS staff => people - core element of cybersecurity to start with
  • Conventional IT security doesn’t suit ICS, only specialized technologies work there
  • Right Industrial CyberSecurity is:
    • About People – Proper technologies – Process
    • Holistic – deals with all possible stages of security incident