Recent attacks against Industrial Control Systems (ICS) critical infrastructure has led many officials in Washington to introduce cybersecurity legislation. The Cybersecurity Act of 2012 is a joint effort by leaders and senior members of the Senate Committees on Commerce, Intelligence, and Homeland Security and Government Affairs to give the federal government and the private sector the tools necessary to protect our most critical infrastructure from growing cyberthreats. The federal government is taking this matter seriously and hopefully this increased awareness can lead to positive action. Unfortunately, there is a limited amount of technology companies with the skill sets required to deliver secure infrastructure solutions for our ICS platforms.
The increasingly interconnected ICS infrastructure makes us more vulnerable to cybersecurity attacks. The utilities infrastructure provided to our citizens make them a target of interest for a variety of threats. The catalysts behind these threats fall into the following primary categories: cyberwar, cyberterrorism, cybercrime, and hacktivism.
ICS encompasses several types of control systems including: Supervisory Control and Data Acquisition (SCADA) systems; Energy Management Systems / Digital Control Systems (EMS/DCS) and Advanced Metering Infrastructure (AMI).
Consequently, ICS are specialized Information Systems that physically interact with the environment, many of which are components of Critical Facilities Infrastructure. The Stuxnet virus recently demonstrated this. The Stuxnet virus was described as the most sophisticated virus to date and was designed as a militarized weapon targeting the centrifuges in Iranian nuclear refining plants
Unlike traditional Information Technology (IT) systems that involve digital systems interacting with other digital systems, ICS are comprised of digital systems that affect physical or real world assets. Exploits on the ICS can involve real physical damage or loss of life.
DoD depends on the continuous and capable performance of its vast interconnected critical infrastructure to maintain and fulfill its mission. What were once isolated systems have now become interconnected. This connectivity exposes network assets to cyberinfiltration and subsequent manipulation of sensitive operations. Furthermore, increasingly sophisticated attackers and cyberattack tools can now exploit vulnerabilities within the ICS environment.
AGILITECH’s IT Security experts have a vast amount of experience developing a secure solution to protect your critical infrastructure. The expertise to properly architect and implement proper security protocols is currently limited at the field level. Our unique IT skillsets, combined with our knowledge of the ICS environment, will provide you the ability to analyze, architect and secure these specialized critical systems.
In addition, our procedures will create a common architecture-utilizing defense in depth strategies across the Enterprise. Our pragmatic approach includes and addresses the following areas:
- Design plug-in components – pre-configured cabinets and server racks with software/hardware necessary to secure systems
- Yield a pool of Subject Matter Experts (SME) in multiple disciplines to approach issues specific to ICS
- Provide a systematic and disciplined approach
- Leverage an efficiently “right sized” managed team – resulting in reduced cost/effective delivery
- Address gaps and avoid duplication of effort by improving information sharing
- Articulate best practices – practical approaches to address concerns unique to ICS
- Provide continuous improvement as the process matures
Let AGILITECH's skilled and professionally certified technologists exceed your expectations on securing your critical infrastructure.