Operational Technology (ОТ) is one of the most important components in various industries (Oil&Gaz, Metallurgy, Chemistry, etc.) and may include manufacturing execution systems (MES), supervisory control and data acquisition (SCADA) systems, system management systems based on programmable logic controllers (PLC) and others. Cybersecurity of OT as one of the most critical assets is essential for providing information security of an enterprise.
Digitization is one of the most influential trends today, most companies, including industrial enterprises implement unified access technologies (IP/Ethernet), adopt new services (virtualization, unified communications, mobility and others), increase tech-process automatization and implement Enterprise Resource Planning (ERP). However, increasing automatization also increases risks associated with both existing and new threats.
As a result, over the last ten years, the world has seen significant growth both in security incidents and the amount of discovered vulnerabilities, as well as the amount of OT-targeted attacks, including industrial espionage, criminal activities and disruption of enterprise performance.
Ensuring Operational Technology Cybersecurity is a complex task. Several important factors must be considered:
- vulnerabilities in outdated components and protocols used by most industrial systems
- extensive requirements for system availability – a top concern for the OT
- harsh environmental conditions which are typical for OT perfomance
- international standards and best practices (IEC 62443 (ISA 99), CIP NERC, NIST, etc.)
- local regulations related to information security of critical and other industrial infrastructure assets
OT security system design ensures data protection, maintains constant system availability and provides effective countermeasures against various attacks and fraud.
USSC offers a complete service portfolio that covers all OT Security related tasks:
- security audit of industrial systems, including asset discovery analysis and classification of assets, penetration testing, retrospective incident history analysis, threat assessment and risk evaluation assessment, OT defense strategy development
- design and implementation of information security solutions, including pre-design assessment, threat model development, technical specifications developed in accordance with applicable standards and best practices, development of design documentation, system implementation
- service support including technical security system support and maintenance
USSC Ltd works in partnership with several largest domestic and foreign OT vendors and employs a significant number of certified experts and engineers. Our solutions incorporate the latest and most comprehensive OT Security components, manufactured by leading domestic and foreign vendors.
All OT security projects are carried out by a separate department, that provides OT security related services to large enterprises in implementing complex security projects.