Fasttrack Assessment
In many cases, it is clear that industrial network cybersecurity is not at the level where it should be. At the same time, there is no justification for conducting very extensive research and subjecting all ‘Control Systems’ to a thorough inspection.
A Fasttrack Assessment is extremely suitable for these situations. A selection is made of one or more Control Systems, after which the cybersecurity level is mapped in a structured manner. This assessment does not install any equipment or software, but is based entirely on interviews with the right people. This makes it very accessible!
Based on the well-known guideline NIST 800-82, we make a selection of the most relevant domains for your company on which the assessment will be carried out. In this way, the assessment fits in seamlessly with your situation and your company. The result is therefore not based on generalities, but really focused on the situation within your company.
The assessment is concluded with clear, pragmatic and prioritized advice that can be followed immediately so that the cybersecurity level can be raised immediately. We can of course help you implement these recommendations.
A Fasttrack Assessment has a turnaround-time of 3 to 4 weeks and a fixed, low price.
Scalable Assessment
If a Fasttrack Assessment does not provide the insight you want, a Scalable Assessment can offer a solution. In addition to conducting interviews, such as in the Fasttrack Assessment, technology is also used to map all OT assets. A sensor (physical or virtual) is connected to the network, which passively listens in to the traffic flows. In this way it becomes clear which OT assets there are, what their vulnerabilities are, and which communication flows there are – the latter is essential for segmenting the network, but also for identifying unknown traffic flows and detecting from malware.
In this regard, the network design is viewed and assessed on the basis of available drawings and on the basis of the output of the sensor.
This assessment is also concluded with clear, pragmatic and prioritized advice that can be followed immediately. In addition, there is clear insight into the vulnerabilities of all OT assets. The overview of the OT assets is so complete that it can possibly be read directly into an existing CMDB.
A Scalable Assessment is tailor-made. In consultation, it is determined which control systems or which sites should fall within the scope.
Remote Access Assessment
One of the biggest Cybersecurity vulnerabilities has to do with Remote Access. This applies to both own employees who work from home or from another location, and to suppliers who want remote access for maintenance and troubleshooting. This remote access is often based on an SSL or IPsec solution (managed by the IT department). Such a solution has several drawbacks.
In addition, it is often not clear what the access points to the OT domain are. Who has access, from which location and with which protocols. How are employees of a supplier who leave the company treated? Will remote access be disabled for them? After all, they are still aware of used passwords!
A ‘Remote Access Assessment’ provides insight into the following matters, among other things:
- Which suppliers have remote access
- Which authentication and authorization methods are used for remote access
- What process is used to grant and revoke remote access
- How can an audit of remote access take place
This assessment is concluded with a report, including (if necessary) recommendations for improvement. A Remote Access Assessment has a turnaround-time of 3 to 4 weeks and a fixed, low price.
More information
Would you like more information about the assessments mentioned? If you fill in some information below, you will receive an extensive brochure in your mailbox, including a number of tips to get started right away!