What is it?


From chain production environments, to the latest interconnected and intelligent systems that give name to Industry 4.0, only 100 years have passed. This increase in connectivity that characterizes smart plants is produced by the need to improve the efficiency of processes, allowing transmitting and obtaining information from remote locations in real time, and analyzing that information to adapt production.

58% of industrial companies have received some type of cyber attack in this last year, and 60% of these attacks have been caused by vulnerabilities that come from external access used by suppliers for maintenance tasks. The impact derived from this type of attack in an industry can escalate economically in a massive way, being able to reach to alter and stop the production, causing losses that reach the 500.000 € of average.

Through the industrial cybersecurity service we evaluate the security of the networks and assets of the industrial environments (SCADAs, HMIs, PLCs, valves, probes and actuators, among others), with the aim of reaching an adequate level of protection for the operation of the company.

Approach


Our approach is based on a complete analysis of industrial security in a minimally invasive way and guaranteeing the availability of production at all times.

With the aim of reviewing security in a standardized, scalable and repeatable way, we rely on controls and recommendations from best practice guides and standards from institutions such as the NIST (National Institute of Standards and Technology), ISA (International Society of Automation) ), the CNPIC (National Center for the Protection of Critical Infrastructures) and the CCN-CERT (National Cryptological Center), adapting them to the specific needs of each environment.

During the review of industrial environments we perform, among others, the following tasks:

  • Evaluate the network architecture and the mechanisms of interconnection and remote access, including analysis of firewall rules and existing information flows, as well as the correct segmentation of the instrumentation networks according to the protocols (Modbus, Profibus, Profinet and DNP3, among others) allowed.
  • Evaluate the correct bastion of the necessary work stations in each of the environments.
  • Analyze network traffic within the industrial network, with the aim of detecting unexpected protocols, as well as non-recommended or anomalous connections that could put the operation at risk.
  • Carry out the necessary technical evaluations, such as the simulation of malicious traffic, to verify that the implemented security solutions are correctly deployed and parameterized, and that the detection and response capacity is correct.