Critical Infrastructure Security Assessment

Identify risks and remediate vulnerabilities in SCADA systems

Next Steps:

Overview

Although there are risks involved when increasing access to control systems, there are also worthwhile benefits, including increased automation, reduced system management costs, and greater control capabilities. By taking a risk-based approach, Foundstone helps organizations identify and prioritize risks to SCADA systems, analyze threats to that environment, and identify and resolve vulnerabilities before they are exploited by an attacker.

Since its inception in 1999, Foundstone has worked with utilities and manufacturers to address control systems. Foundstone understands the unique issues faced when dealing with control systems that must adhere to availability rates of seven 9s while not being able to run with traditional security controls installed, such as anti-virus tools and file integrity checkers.

Foundstone’s expert team of consultants identify weaknesses in your SCADA security posture and develop actionable recommendations to mitigate the risks your environment faces from external attackers, insider threats, automated worms, and network management errors.

Key Benefits

Foundstone consultants identify and mitigate the risk to your critical infrastructure by reviewing the people, process, and technology surrounding the targeted devices. This pinpoints vulnerabilities and gaps with industry-accepted best practices in the architecture, configuration, and ongoing management of your critical infrastructure.

Methodology

Foundstone assesses your critical infrastructure using the following six major phases:

  • Architecture security review
    Evaluate the network design of the SCADA environment, analyzing the security controls in place and the connectivity between the SCADA environment and the corporate network.
  • Critical infrastructure (SCADA) component security testing
    Evaluate the security of systems in the SCADA environment including routers, firewalls, control system servers, database systems, and ICCP gateways.
  • Perimeter device and server configuration review
    Assess the configurations of routers, firewalls, and SCADA servers against known industry best practices while looking for known vulnerabilities associated with the deployed product and associated utilities.
  • Wireless access review
    Identify wireless access into the environment and evaluate weaknesses that could allow an attacker to gain access to the SCADA network.
  • Dial-up and remote access review
    Identify systems with dial-up and remote access capability that could allow an attacker to gain access to the SCADA network.
  • Policy and procedure gap analysis
    Evaluate the current policies and procedures for critical infrastructure against known best practices according to the ISA-SP99 security standards.