Over the last several years, production companies have seen an increase in both attacks as well as the unauthorized usage of their networks - an estimated 50% of these breaches occur from within the facility. With attacks on SCADA and process control systems on the rise, many operations are at risk of lost production, environmental violations or worse, loss of personnel or equipment.
Securing the network is only part of the solution - managing the security architecture after implementation is something more. Staffing a Security Operations Center not only requires specialized expertise 24/7, but is also costly - particularly if the plant networks are geographically dispersed and managed by different organizations and/or budgets.
IPS can help. Our philosophy is to take a holistic lifecycle approach that encompasses processes, procedures, and people as well as products, networks, and applications. Many plants have a security program in place or have taken various security measures, but very few have any kind of documented plan. IPS has experience in bringing people from the domain of plant operations and IT together to create a coherent and documented security strategy.
We can assess the security posture, propose design/architectural solutions, implement and then manage the solution, providing flexible options. Once these needs are determined, solutions in the IPS portfolio are customized to match exact needs.
IPS’s Cyber Security portfolio offers a complete solution for any network with services that operate in both IT and control domains. Our approach goes beyond detection, focusing on intrusion prevention across your entire enterprise. The key phases of our lifecycle approach include:
1) Plan and Assess - Invensys assesses the current security environment, site, system or policy and provide recommendations for next steps. The plan is then created that outlines the next steps.
2) Architect and Design - This is the step in which the architecture for the security-focused network is created. This will be a detailed design with interconnections as well as routing and addressing plans. Also, this is the step in which policies are created.
3) Modernization and Implementation - New designs and policies are implemented in this installation step.
4) Manage and Optimize - Invensys helps manage complex security environments, which include instant review of IDS/IPS or FW alarms, plus required updates to these policies. We can provide 24/7 monitoring and management of your security environment through a network of global centers. This step also looks to see if another assessment should be made to align the environment with the current best practices.
You can enter at any point in the life cycle process and tailor the solution to your specific needs. We will match your specific funding requirements and provide the appropriate time for internal change management.
IPS is staffed with enterprise control system security experts, IT security experts, and telecommunication experts, enabling us to assess, design, implement and manage security from the correct perspective - the Plant Network. We pride ourselves on expertise and up-to-the-minute knowledge of new technologies and applications, and leverage these to benefit installed systems. We understand what is at risk within an operating facility and a trained staff will cost-effectively design and implement a tailored network security solution while providing the on-going management that gives the necessary insurance against the consequences of a breach.