ICYMI: In 2020, more Operational Technology (OT) vulnerabilities and publicly disclosed vulnerabilities were reported than in any prior year.
Why Clients Choose Red Trident for Cybersecurity Assessment Services
RED TRIDENT CYBERSECURITY ASSESSMENT SERVICES
Automated and manual assessment performed on-site or remotely (if possible) to identify vulnerabilities, misconfiguration, and gaps against OT security best practices. This process falls into the “Identify” phase of a cybersecurity program and highlights areas of mitigation, improvement, and risk reduction for an organization.
- Identifies vulnerabilities and misconfiguration of ICS hardware, software, and networks
- Provides a clear picture of connectivity and networked assets
- Identifies risks associated with existing processes, standards, and personnel
- Identifies current capabilities to protect, detect, respond, and recover from attacks, security anomalies, or incidents
Penetration testing can be scoped to mimic external attackers targeting OT environments from the Internet or from the corporate environment to identify pivot points into OT networks and systems. Red Trident adheres to strict rules of engagement and will not perform any testing that negatively impacts production operations.
- Identifies points of entry into ICS networks and systems
- Emulates real-world attack techniques
- Can be used to validate visibility of ICS environments
Red Trident’s application security assessments provide thorough testing integrated with existing development environments that can be leveraged to identify defects throughout the software development lifecycle. Our experience in testing and securing code for ICS software and firmware brings expertise that will drastically reduce risk in your software before it’s deployed to operations and safety-critical environments.
- Static Analysis
- Dynamic Analysis
- Penetration Testing and Exploitation
- Assessments of ICS software, firmware, and hardware product development
- Secure Software Development Lifecycle Assessments
Physical and logical attack campaigns that simulate real-world tactics, techniques, and procedures to break into an organization’s infrastructure and move throughout the environment. This testing challenges and evaluates existing physical and logical security measures and technologies in place and helps the organization understand how its people, processes, and technology will stand against attacks of various scales.
- Social Engineering
- Physical Red Team Exercises
- Real-world attack simulation to identify detection and response capabilities
A key component of any OT cybersecurity program is incident response. If you have an incident response team, plan, or playbook in place but don’t know how your organization would respond to a severe incident, Red Trident can help. If you haven’t yet documented or built an incident response capability, we can help there as well.
- Tabletop exercises to evaluate and document gaps in response capabilities, tools, and processes
- Identify response effectiveness against real-world attack scenarios
- Identify risks in communication, planning, and logistics during an incident
- Alignment of Business Continuity Plans to respond effectively to cyber events
- Scenarios targeted to your organization based upon threat intelligence and your critical risks and concerns
Ensuring an organization has the ability to continue operations or recover is critical to limiting the impact of an incident in ICS environments. The baseline of ‘what is in place’ should be fully understood, and all of the components of operational continuity and recovery should be evaluated. This includes the plans, personnel, procedures, backups, spares, and redundancy. The following are areas of focus when evaluating documentation and the environment to which it applies:
- Technology Issues
- Manual Operations
- Redundancy of Control, Operation, and Supervision
- Critical Spares
- Software Version Control
- Data Recovery
- Backup and Recovery
- Backups and business tolerance for each of these areas
In order to implement a security program around production OT environments, you must understand what you have. This includes systems, software, policies, processes, and personnel. Red Trident can assist you in taking the first step by identifying, documenting, and building a repeatable process towards asset discovery and inventory.
Whether you have brownfield OT environments or are moving to greenfield, it is critical to understand security risks in architecture and network design and how to mitigate those risks. At Red Trident, our expertise in network architecture design can identify shortcomings in existing OT network architecture or even provide input from the start of the design process for a new OT environment.
- Brownfield Architecture Review
- Early Design phase engagement
- Security Acceptance Testing and Design Reviews
- Support for remote access and digital initiatives
Red Trident’s cybersecurity team has extensive experience in many OT environments including wastewater, power and utility, oil and gas, maritime, and manufacturing. Because of this, we can support cybersecurity assessments focused on regulatory, standards-based, or contractual requirements.
- Frameworks and Standards
- Regulatory compliance requirements
- Contractual compliance requirements