The supervisory control and data acquisition (SCADA) is the hardware and software that monitors and controls physical devices and platforms such as airfield lighting, the control systems of an electricity grid or a building management system. Also known as operation technology (OT) or industrial control systems (ICS), SCADA systems send commands and receive feedback from physical equipment and field devices. The SCADA systems of today are connected over the internet to carry out remote monitoring of sites. Moreover, integration of IT technology into OT systems has meant that the OT environment is vulnerable to the same worms, trojans, and viruses that have blighted the IT systems.

Recent attacks on physical infrastructure such as electricity grids and industrial sites have exposed the vulnerabilities of operational technology (OT) and control systems leading government agencies and the security community to issue advisories for creating a cyber resilience plan for operational technology.

At GRM technologies, our team of specialists, will help you harden your OT environment by following the recommendations and guidelines laid down by the Cybersecurity and Infrastructure Security Agency (CISA), which is U.S. government agency tasked to defend critical infrastructure against cyber attacks. Our SCADA and OT security review is comprehensive and entails the following:

• Cybersecurity Assessments Identify attack surface areas and issue recommendations to disconnect systems from the internet. Provide an accurate and detailed OT infrastructure map to serve as a foundation for mitigating cyber risks.
• Security Configuration and Design Implement secure network architectures utilizing demilitarized zones (DMZs), firewalls, jump servers, and/or one-way communication diodes. Ensure all communications to remote devices use a virtual private network (VPN) with strong encryption further secured with multifactor authentication. Apply software patches and enable recommended security controls of equipment.
• Continuous Monitoring Log and review all authorized external access connections for misuse or unusual activity. Enable system anomaly detection and monitor for unauthorized attempts to change controller settings.
• Incident Readiness and Advisory Plan for or continued manual process operations should the ICS become unavailable or need to be deactivated due to hostile takeover. Test and validate data backups and processes in the event of data loss due to malicious cyber activity. Backup resources such as firmware, software, product licenses, and configuration settings. Test and validate data backups and processes in the event of data loss due to malicious cyber activity.