IACS Forensic Readiness
It is important that your organization, network and assets are prepared for the collection of forensic data. This ensures that you can secure the data required when a cyber security incident occurs, and that you have the right information available to act quickly and effectively. For example to identify the cause of the incident or identify possible culprits.
Hudson Cybertec helps your organization with the preventive provisioning, maintenance and operation of the necessary infrastructure for: Incident response, monitoring and detection, logging and all other things related to forensic readiness.
An IACS Forensic readiness scan conducted by Hudson Cybertec gives you a comprehensive overview of your current situation and measures the level of Forensic Readiness within your organization. During this scan our forensic experts assess whether you have the right digital information available for a forensic investigation in case of incidents. We will review all aspects of cyber security: people, process and technology.
Policy & Procedure Development
Do you still have to create a security policy, or are your policies no longer up to date?
As an independent cyber security expert, Hudson Cybertec has all the necessary knowledge to support you in the development of security policies and procedures. We consider standards such as the IEC 62443 or the ISO 27000, as well as developments in legislation.
To ensure that the security policies and procedures of your organization stay up-to-date, we offer a service that reviews these policies and procedures on a regular basis against your (changed) organization’s needs and current standards and legal requirements.
Cyber Security Management System (CSMS)
To take control of your cyber security, the IEC 62443, the cyber security standard framework for Industrial Automation and Control Systems (IACS), provides guidance for the development and implementation of a CSMS. The implementation of a CSMS helps organizations to manage, integrate and maintain cyber security within their organization and as such comply with current and future regulations and the organization’s vision. Within the IEC 62443, the standard IEC 62443 2-1 provides the framework for the development and implementation of a CSMS.
CSMS a structured and phased approach
The development and implementation of a CSMS can take some time, depending on the requirements, resources available and the size of the organization. Such an implementation requires a structured and phased approach. To ensure the success of the development and implementation of the CSMS, organizations often ask Hudson Cybertec for assistance. Hudson Cybertec has thorough experience supporting organizations with the development and implementation of their CSMS which is tailored to each individual organization’s requirements.
Cyber Security Management
To support the development and implementation of a CSMS, depending on the requirements of your organization, we provide everything from ad-hoc support to a full-service package, where we manage the development and implementation of the CSMS. Managing cyber security is essential for good assurance of cyber security in the organization. The responsibility for managing cyber security often lies with a Chief Operational Security Officer (COSO). If your organization cannot perform this role internally, Hudson Cybertec will assist you on an interim, fulltime or part-time basis. We fulfill the COSO role for you with an experienced and qualified security professional. The COSO helps your organization develop and implement a cyber security strategy based on international standards and your organization’s requirements. The role of a COSO complements the role of a Chief Information Security Officer (CISO) and vice versa. These roles are more or less similar, where a CISO will focus on Information Technology (IT) and a COSO will focus on Operational Technology (OT). To ensure a rolling start of a project, we provide additional resources at the start of the project to ensure that organization reaps the benefits of the CSMS as soon as possible.
Management support and risk analysis
The development starts with several key CSMS elements required to manage cyber security within an organization and additional elements based upon the requirements and priorities of the organization. Once support and funding from management is obtained, it is important to know where the organization stands regarding cyber security. To obtain this information we advise to start with a zero-measurement security assessment. This provides the organization a clear view of what its weaknesses are and allows the organization to define and focus on those aspects of cyber security that need to be remediated first. In addition, it allows the organization to identify so called ‘quick wins’ that can be easily implemented without too much effort and that have a direct positive impact on the cyber security of an organization.
The implementation of a CSMS is not a one-off exercise. Once a CSMS is established, it needs to be maintained in order to stay relevant for the organization. There is no need to establish a CSMS if it is not supported or used by the organization. And a CSMS loses its effectiveness over time, if it does not grow or change with the organization and does not adjust to changes in legislation, threats and new insights. To ensure that this is the case, metrics (including KPIs) are defined and the CSMS needs to be reviewed on a regular basis or when internal or external factors warrant such a review. If the outcome of the review indicates that changes are warranted, the CSMS needs to be updated so that it stays current and effective.
For an actual business case, please read the article “Cyber Security Management according to IEC 62443” which discusses the usage of the IEC 62443 standard to develop and implement a CSMS at a chemical company.
How can we help you?
To ensure a successful implementation of your CSMS, we can manage its development and implementation for your organization. This is achieved by providing customized management services like a fulltime, interim or part-time COSO function (COSO on demand).
Take control of your cyber security, please contact us now at firstname.lastname@example.org.
When expanding existing installations, or purchase new IACS systems, you want these to be cyber secure?
Together with you, Hudson Cybertec defines the cyber security requirements. Products and systems that are delivered to you should be configured conform the set cyber security requirements, thereby significantly increasing the level of cyber security.
During the procurement phase you deliver these requirements to your suppliers. This allows them to take your requirements into account during development of systems, and deliver a product that meets your cyber security expectations.
Hudson Cybertec supervises the procurement and implementation of products and systems. We test these products and systems to ensure that they comply with the required cyber security level. By using our supervision your organization can be confident that the required security level is assured or improved.
Incorporating the required cyber security measures in the design of technical installations, or securing existing installations, requires a thorough knowledge of both technology and cyber security.
Hudson Cybertec supports you with validation of network design, creating or updating ‘as-built’ design documentation, FAT/SAT-support, or engineering validation (of external parties). But also with security by design implementation, penetration tests, engineering support, and more.
Network segmentation & Re-design
When an incident occurs, it is important that the impact is contained. As a result, it is important to segment your network infrastructure. Due to the long life of technical networks it is important that this is considered. Until recently, functionality and safety of the installation were the most important criteria. Cyber security and segmentation were nice to have and rarely considered. Hudson Cybertec will help you to improve the structure of your infrastructure, by segmenting or redesigning your OT-network, making your infrastructure more resilient to cyber incidents.