PA energy cyber security expert Justin Lowe discusses protecting the energy industry from cyber threats
Industrial control systems (ICS) often perform mission or safety-critical functions to operate infrastructure for electricity generation, transmission and distribution, oil and gas drilling, production and processing and potable or waste water systems. This puts ICS at the heart of critical national infrastructure.
However, these vital systems are increasingly at risk of cyber attack. Why? ICS are now often constructed from off-the-shelf technologies which are relatively easy to hack. The increasingly complex interconnectivity between ICS with other business IT systems and even the internet, increases the risk further. Coupled with freely available ICS hacking tools, makes carrying out attacks easier.
All of this means that organisations reliant on industrial control systems need to improve and maintain security to reduce the likelihood and impact of cyber security incidents.By doing this, organisations can also realise the important business benefits that stem from secure access to operational data.
PA’s best practice approach for ICS security provides a proven framework for understanding and addressing the risks.
The framework has been adopted by the UK Government’s Centre for Protection of National Infrastructure and is used across the UK Critical National Infrastructure (CNI).
Our dedicated team of industrial control systems engineers and security professionals helps clients with:
security audits, risk assessments and health checks
security frameworks and management systems: policy, standards and procedures
secure solution design
security and penetration testing
training and awareness
response and continuity planning.
Our strong track record in ICS security includes:
BP - dramatically improving the security of mission and safety critical systems for BP
UK Centre for the Protection of National Infrastructure - developing new national guidance for managing employee risk and protecting the critical national infrastructure