Critical infrastructure security

SCADA security services

Supervisory Control and Data Acquisition (SCADA) systems include applications that perform vital functions and deliver core support services as part of a critical Operation Technology (OT) infrastructure. SCADA, core of Industrial Control Systems (ICS) operates at many modern industries. These systems and applications are key to providing essential services and commodities, such as energy, manufacturing, oil, gas and other utilities. 

Many industries that are heavily involved with process control exploit the internet to:

  • facilitate remote system access and control
  • integrate supply chains
  • centralize information databases

Process efficiencies are also gained by connecting private and public networks, such as enabling field devices to connect with Corporate LANs as well as the internet.

However, this can lead to a security breach to these systems and can result in severe reputational and financial consequences. The threat of a cyber-attack to SCADA systems presents a serious security risk for many organizations operating at a local, national and global level. 


Our SCADA services

We offer a range of consultancy services and training courses to assist you to adequately defend your SCADA systems from potential attacks.


Consultancy

We can work with your organization to gain an understanding of the scope of your SCADA security requirements.

Our consultants hold workshops with key business functions to determine areas of highest risk. We identify, develop and advise on the critical components that should form part of your ICS cyber strategy. 


Standards benchmarking and gap analysis

We conduct audits and gap analysis to identify your SCADA security risk profile, benchmarking the controls that are in place against industry standards and best practices.

We identify measureable packages, which quantify those risks and develop appropriate mitigation strategies. These strategies can be planned into future projects and undertaken using a standards-based approach. 


Risk mitigation implementation

Our team of experts can deliver and implement key mitigation projects on your behalf.

These range from project management of mitigation activities to the installation and commissioning of specific technical controls including industrial firewalls, data diodes and secure gateways. 

We apply our client engagement methodology to ensure effective planning and measurement are central parts of these mitigation projects.


SCADA pen testing

Our expert SCADA penetration testing team offers a comprehensive review of your SCADA/ICS system. This assessment can take on many forms, including reviews of relevant policies and procedures, architecture review, physical security assessment, infrastructure penetration testing, segregation testing and build review exercises.

By assessing systems from multiple vantage points, we can achieve a holistic view of the security posture of your SCADA/ICS systems.


Cyber testing lab

We have developed an industrial control cyber lab, a specialist facility designed to test the security of industrial control systems.

We can provide vulnerability analysis and code testing for a range of SCADA operating systems. 


SCADA training

Certified Lead SCADA Security Professional 

We run a five-day intensive course where you can develop the necessary skills to plan, design, and implement an effective program to protect SCADA systems.

You'll be able to identify common industrial control system threats, vulnerabilities, and risks and understand how they can be managed. This training focuses on giving you a mixture of knowledge and skills related to SCADA/ICS security.