Powerful Cyber Security Services for Industrial Control Systems of All Sizes

Cyber Security ICS, SCADA & IT

Red Trident offers ICS cyber security services for SCADA and other Industrial Control Systems. Supervisory control and data acquisition (SCADA) networks perform key functions in providing many services to us Americans that we sometimes take for granted. Unfortunately, SCADA and other ICS networks can also be vulnerable to disruption of service or to manipulation of operational data. The cyber security risks for ICS networks remain high, so securing this infrastructure is critical.

ICS Cyber Security is one of those things that you may not want to think about, but you must be smart and you must be prepared. Surprisingly, as many as 75 percent of breaches go undiscovered for weeks and sometimes months. According to a survey on ComputerWorld, 90% of the nearly 600 businesses surveyed responded that their organizations’ computers had been breached by hackers within the past 12 months.

Do you know how to tell if you’ve been hacked? Do you have a Disaster Recovery Plan in place? Are you aware of the vulnerabilities that exist on your network?

See the slideshow below to learn more about Red Trident’s Risk Management Approach.

Our Risk Management Approach


Knowledgeable

Up-To-Date On Latest Threats

Experienced

10+ years of experience securing critical data for government, medical and other large entities

Professional

We work hard to truly understand our client’s system and needs before we engineer a security solution

ICS, SCADA & IT Cyber Security Services

What specific vulnerabilities exist on your network? What is resident in hacker toolkits today that can easily exploit them?

These are great and relevant questions that need to be answered. The goal of this service offering is to safely explore WHAT vulnerabilities reside on a client’s network, endpoints, applications, etc.

This produces a SPECIFIC report on where hacking tools would be most successful in a client’s environment, and it also starts the planning for how to methodically address the risks discovered.

Specially configured and designed tools are leveraged to accomplish this under well-thought-out, mutually agreed-upon rules of engagement. This helps the Client as well as Red Trident understand which systems are critical and what can be tested without business process disruption.

The ultimate goal of this is a vulnerability assessment. This identifies and then methodically ranks the discovered vulnerabilities of a client’s environment.

With as many breaches as have occurred recently in all markets and industries, there are several regulatory frameworks that companies either choose to comply with or are mandated to comply with.

This service offering is centered around taking an industry best practice or mandated framework and discovering how a company does or does not follow the practice or framework.

Sarbanes Oxley (SOX) is one we often find in companies. Usually we are asked to assist either with initial compliance or with finding methods to comply with SOX to a greater extent.

While we are not an organization that can certify a company, we can lay the infrastructure as well as participate to help pass audits. We can also assist companies in remediation of the findings.

We are not limited to SOX; we also work with many other industry best practices and frameworks. Some of the frameworks that we can help an organization with are NIST 800-53, NIST 800-37, 800-82, IEC-62443, COBIT5, NERC CIP and several others.

As a first step, we often work to understand the business model a company is following, which helps identify which standard/framework is most appropriate for the company to adopt.

We follow a methodical approach to decomposing the client’s environment and granularly identifying where investments are necessary and/or smart to make in an effort to comply with the identified framework.

Compliance Assessments also assist with validating that the security program’s special provisions are followed at all of the company’s locations and/or offices.

The goal is to reduce risk and the vectors a malicious-minded individual may have to compromise a client’s company. The intended output from this service is a GAP analysis.

We have seen a great deal of technology adoption that becomes siloed solution sets, meaning that anti-virus is purchased and deployed but never monitored, trended, etc.

We take an approach of systems-of-systems engineering to create solutions that leverage each other. This helps in not investing in areas that yield little to no benefit to the larger security infrastructure and especially the company as a whole.

We normally also trend the effectiveness of technology so that the Security Architecture is not only relevant to the company’s environment but also has the capability to defend effectively.

As part of our Security Architecture offering we also test technology in a lab to minimize any negative impact that deploying the security technology could have on a production environment.

An important part of this is how Red Trident takes cyber threat intelligence and integrates it into the solutions we construct, implement and/or sustain for a client.

This can be a costly investment, so we have spent a great deal of time constructing a methodology for road-mapping both the deployment of the security architecture and its adoption by a company. This often staged approach helps with budgets, training and the successful establishment of a higher security level.

We also build special-purpose security architectures for environments that are either government or research in purpose. Red Trident INC has also assisted larger organizations in implementing their specialized, self-created architectures.

Where do I start in a maze of options, issues, questions, and potential directions? This is the typical question we find when we are entering into an engagement with a client.

We also see an adoption of technical solutions with no sustainment or plan that maximizes their effectiveness as well as contributes to a higher degree of return on investment.

This is where Red Trident INC can assist with a top-down approach in the form of a security program. This allows for the realization of a Return on Security Investment (RoSI) so that expenditures carry an equally important justification.

As a company we practice a great deal of systems-of-systems engineering, meaning that one technical, administrative or physical solution contributes to other present or future solutions.

A well-planned and implemented program helps security management personnel develop meaningful metrics to monitor, brief or direct from. It also gives the ability to monitor the compliance of a particular section of an organization. Likewise, a Program can give the ability to quickly return a business-critical process to service, or afford plans for a failover capability so that no downtime is encountered.

Even the best of plans fall victim from time to time to a successful compromise. This may be attributed to the discovery and release of a zero-day exploit, or to a vector that was unknown or thought to be secure.

Whichever the case, Red Trident is ready to assist with a methodical approach to first gaining control of the incident and then understanding what security architectural changes will strengthen the overall business posture of the client’s environment.

Red Trident has seen benefit in approaching the defense of an attack as an add-on to a larger program. We understand that there is interconnectivity between Disaster Recovery Plans, Business Continuity Plans and a myriad of other considerations that need to be taken into account before, during and after an incident occurs.

From a program level we generally start with the decomposition of the larger program to ensure that we are building portability between an Incident Management program. This helps with the return on security investment that many clients rely on to smartly invest funding.

One critical component of Incident Management is Incident Response. We follow several incident response frameworks. The exact framework depends upon the environment. One such framework that we follow is the SANS approach, which is divided into six primary phases.

  • Preparation
  • Identification
  • Containment
  • Eradication
  • Recovery
  • Lessons Learned

Depending on which information source you subscribe to, the traditional approach of leveraging antivirus is inadequate to combat malicious attacks on endpoint devices. The exact effectiveness ranges from 30 to 45% (Report). New methods and approaches are now necessary to provide security for endpoint devices.

Securing endpoint devices can be a frustrating task, and even more so if those endpoint devices are controlling a business process.

Red Trident is comprised of individuals who understand the differences among the multiple markets that leverage IT strongly. It’s this understanding, as well as experience, that gives assistance and direction to establishing or improving an endpoint’s security posture. We have specialized testing regimens and frameworks that we follow to ensure that we reduce the likelihood of a business process disruption.

This methodical approach also assists with reducing the deploy time into a production environment, which can drastically reduce the amount of lost time that impacts a business. We as a company understand, and have often been in, the situation where downtime equates to revenue lost.

One of these approaches is termed SecFAT, which is Security Facility Acceptance Testing. This is especially important to an organization, both to enable a successful deployment and to be capable of troubleshooting issues while they are doing a Site Facility Acceptance Test.

Via this methodology, one technology that is enabled is whitelisting. Meticulously understanding the operating environment as well as the system enables the endpoint to be protected while also reducing the likelihood of disrupting a business process or other items that the business process relies upon.

We also believe that there are many other efforts that can be taken to help with the return on security investment as well as move an endpoint device into a continuous monitoring state, where security layers are monitored and reported on.

Red Trident INC specializes in building networks that are fault tolerant but also hardened to normal hacking techniques.

Accessing a client’s data or disrupting their ability to control a business process, application, etc. can be a key and critical goal of a hacker. This is where Red Trident INC can assist many organizations.

In our construction of a network we often segment it into zones that communicate through controlled and trusted conduits. This can at times be a physical separation, but zones can also be segregated logically.

The end goal of our network security service offering is to have a capability of remote monitoring. This assists near-real-time detection of when networks, hosts, etc. experience activity they do not normally experience.

All of this can contribute to being proactive rather than reactive to a hacker attempting unauthorized access to a client’s environment.

Under this service offering we also have partnerships with larger security product vendors that can establish out-of-band encrypted channels to communicate via, or we can assist the vendor in understanding how to tailor their products to a client’s specific environment.

In today’s fast-paced, on-the-move world it’s not always feasible to have a category five cable everywhere you are. A solution to this on-the-move requirement is the various wireless access technologies that allow laptops, phones and many other devices to get a connection and continue to perform business.

As with many other things, where there are benefits there exists potential for negatives, and in the information technology world those can be further labeled as unwanted, unintended, malicious or unauthorized usages.

Red Trident sustains a high level of training in industry-accepted tools that help identify rogue WAPs and configuration errors and perform encryption analysis as well as coverage analysis. Equally sustained are the penetration testing skillsets and tool kits leveraged by hackers to identify vulnerabilities within systems, architecture or the business environment. This helps quantitatively analyze problems and then afford solutions.

In today’s infrastructures, a common home wireless router properly put into an enterprise architecture can disrupt DHCP and routing as well as engineer a man-in-the-middle attack by an insider threat, while the intention may have been just to have access on a night shift.

We also provide solution subscriptions where clients can contract with RTI to monitor new and emerging vulnerabilities in wireless technology. Once one is identified, we will contact and coordinate with the client to find the solutions necessary to sustain a secure environment.

Contact Red Trident Today For A Cyber Security Assessment!
