Possibility
Explore our work: what we do, how we do it, and the value we create for our clients.
Impact
Culture
Possibility
Explore our work: what we do, how we do it, and the value we create for our clients.
Global Shifts
Empowered consumers
Healthier humans
Future organisations
Business for better
Safer societies
Sustainable world
Industries
Consumer and manufacturing
Defence and security
Energy and utilities
Financial services
Government and public sector
Health
Life sciences
Transport
Services
Set growth strategy
Build brands, products, and services
Reimagine AI, digital, and data
Improve organisational performance
Deliver complex programmes
Empower your people
Impact
Culture
Insight

How can you test cyber resilience, prior to attack?  

By Justin Lowe

Tags

Operational Technology (OT) or Industrial Control Systems (ICS) may sound as though they play no part in day to day life. Even less that they would be targets for cyber attacks - surely personal data or financial systems are more attractive?

In reality, ICS are the systems that keep the lights on, the trains running and even planes in the sky. And for that reason, they are frequently, and successfully attacked. Recent news events show us that this technology is vulnerable, and that attacks can cause significant disruption. 

What is stalling resilience in OT systems?

The complex issue is that, often, ICS receive different treatment to IT assets and infrastructure when it comes to cyber security. There are also cultural and organisational issues that play a role. Ultimately, ICS need to be as resilient as any other technology asset. 

Given the increasing need to be resilient to cyber attack, a focused and robust approach to building resilience in OT needs to move up the agenda of organisations who rely on ICS to keep their businesses running. 

The challenge here is that its currently difficult to: understand how secure OT systems are; where the vulnerabilities lie; and how to defend them. 

These three steps are fundamental to developing resilience and relevant incident response plans in the event of an attack. Critically, these steps need to be taken prior to attack, to avoid the impact of a genuine cyber security incident on ICS. 

Demonstrating vulnerabilities in ICS is also a great way of prioritising the need for further security measures.

So, how do you test OT resilience prior to an attack?

  1. You need to bring ICS cyber security to life
    That means testing in a live environment to identify threats, weaknesses and ultimately, to build resilience
  2. You need the correct environment to test in
    The simulated environment must resemble reality as closely as possible the network environment of a live ICS, with the correct OT in place, tailored at least to your specific industry.
  3. You need active security monitoring whilst the test is running
    Active monitoring must occur in testing so that vulnerabilities can be correctly identified within the live environment.

Industries are currently struggling to find relevant tools to develop live testing environments in order to build cyber resilience. 

In order to protect OT from attack and prevent widespread disruption to business and the public, then steps must be taken to develop testing further, using the correct tools.

The ICS Demonstrator

To support industries operating with ICS in place, PA have built a unique tool to develop cyber resilience: the ICS Demonstrator.

The tool uses real ICS equipment and networks to provide live demonstrations of potential cyber-attacks against ICS and allows industry to test a range of defence approaches.  

Currently configured to simulate OT within a nuclear power station, the ICS Demonstrator’s flexible architecture can simulate industrial processes found in many industry environments; power generation and grids, oil and gas, nuclear plants, manufacturing and transport. 

It can also be used to test new ICS security technologies and assess the effectiveness of existing security controls. The Demonstrator provides a flexible environment to demonstrate a wide variety of security vulnerabilities or attack scenarios. It is also devised to enable greater awareness and act as an educational tool to enable further security research and development.

About the authors

Justin Lowe PA digital trust and cyber security expert
Connect

Explore more

Insight

15 minutes with: Angela Rotheram

Angela uses innovation culture to help clients to navigate the transition to a net zero future.
Caren Lacy
Insight

15 minutes with: Caren Lacy

Caren is helping drive the sustainable energy transition: from renewable technologies to innovative uses of hydrogen.
Caren Lacy
Parent helping child plug EV charger into car in a city environment
Insight

Urban EV fast charging in US cities: What to expect in 2024

Our analysis outlines opportunities for investment in public fast charging in cities.
Parent helping child plug EV charger into car in a city environment
Happy commuters
Insight

How are you responding to the customer satisfaction challenge in the transport sector?

UK's Customer Satisfaction Index for 2023 reports a notable drop, primarily in the transport sector. To respond, organisations must focus on evolving customer needs, end-to-end experiences, and operational efficiency.
Happy commuters

Contact the team

We look forward to hearing from you.
Get in touch

Get actionable insight straight to your inbox via our monthly newsletter.