GuidePoint Security releases ICS Security Services to address OT security challenges
GuidePoint Security has released its ICS Security Services that include a Security Program Review, Security Architecture Review and ICS Penetration Testing that collectively are designed to provide an organization with a holistic view of their entire ICS security posture.
Traditionally, Operational Technology (OT) environments were kept separate and isolated from the traditional IT infrastructure. Today, ICS environments have emerged from the combination of IT and OT (Industry 4.0), introducing new features and easier management, but also creating new vulnerabilities and attack vectors.
For example, an OT environment can be breached by an attack that comes through the IT environment. With GuidePoint’s ICS Security Services, organizations can ensure they have visibility across not only their OT environment, but also their broader organization.
“The convergence of OT and traditional IT infrastructure into ICS environments has led to easier operational oversight, but it also introduces new avenues for attackers to exploit,” said Pascal Ackerman, Sr. Security Consultant – Operational Technology.
“Through the combined expertise of our Governance, Risk and Compliance, Security Architecture, and ICS penetration testing practices, we can provide customers with an assessment of their entire ICS security posture, evaluating every angle of their environment.”, Ackerman continued.
GuidePoint’s ICS Security Service offerings include:
- Security Program Review (SPR): The SPR evaluates and measures an organization’s security program maturity and is based on the framework chosen by the customer, including, but not limited to: NIST Cybersecurity Framework (CSF), NIST 800 82, CIS Controls, ISO/IEC 62443, ISO 27001, C2M2, FERC/NERC-CIP, CISA TSS and ITU CIIP. With GuidePoint’s SPR offering, organizations can better assess their security program and its maturity level, and build or enhance their existing program to ensure it is right-sized to their unique requirements.
- ICS Security Architecture Review (SAR): The SAR evaluates an organization’s security capabilities to ensure deployed technologies are aligned with relevant compliance requirements. GuidePoint’s team of experts provides industry-recommended enhancements to an organization’s existing solutions as well as recommendations for new controls to augment and further mature security practices.
- ICS Penetration Testing: This service goes beyond a typical OT pentest by combining IT and OT pentesting methodologies to form a holistic offering that will assess all security aspects of the production environment. Organizations gain real-life, actionable results based on proven ICS (IT and OT) penetration testing methods and techniques.
These ICS Security Services round out a complete portfolio of cyber-focused Governance, Risk and Compliance offerings, Security Architecture Reviews, as well as Threat and Attack Simulation Services, to ensure the security of customers’ environments.