Although there are risks involved when increasing access to control systems, there are also worthwhile benefits, including increased automation, reduced system management costs, and greater control capabilities. By taking a risk-based approach, Foundstone helps organizations identify and prioritize risks to SCADA systems, analyze threats to that environment, and identify and resolve vulnerabilities before they are exploited by an attacker.
Since its inception in 1999, Foundstone has worked with utilities and manufacturers to address control systems. Foundstone understands the unique issues faced when dealing with control systems that must adhere to availability rates of seven 9s while not being able to run with traditional security controls installed, such as anti-virus tools and file integrity checkers.
Foundstone’s expert team of consultants identify weaknesses in your SCADA security posture and develop actionable recommendations to mitigate the risks your environment faces from external attackers, insider threats, automated worms, and network management errors.
Foundstone consultants identify and mitigate the risk to your critical infrastructure by reviewing the people, process, and technology surrounding the targeted devices. This pinpoints vulnerabilities and gaps with industry-accepted best practices in the architecture, configuration, and ongoing management of your critical infrastructure.
Foundstone assesses your critical infrastructure using the following six major phases: