As Industrial and Automation Control Systems experts who are also experts in network security, Ready is uniquely qualified to help you extend your network security beyond your business network to your industrial network.
The reality of today is that all major processes in industrial facilities are digitally controlled through PLCs, DCSs, or specialized controllers. These controllers all communicate on the plant network, and this network is in some way linked to the outside world. This link is critical for businesses to fully leverage the information available, but it creates a way for the industrial system to be infiltrated from anywhere in the world.
In addition to specification and implementation of security controls such as physical security, network firewalling, host hardening, and disaster planning/recovery, Ready can implement vendor-neutral Security Information and Event Monitoring (SIEM), Network Intrusion Detection Systems (NIDS), and Host Intrusion Detection Systems (HIDS). We also identify suitable network segregation architectures and assist with configuration management, change control, and document control specialized for the plant process control environment.
Ready has supported many facilities in their critical strides to implement the North American Energy Reliability Corporation’s Critical Infrastructure Protection (NERC-CIP) standards and we have familiarity with other less common standards such as ISA/IEC-62443 (formerly ISA-99). As plants respond to evolving Nuclear Regulatory Commission (NRC) requirements, Ready has also supported facilities with the implementation of the Nuclear Energy Institute’s (NEI) standards.
Ready can provide support with all phases of your program, including:
- Interpretation of industry requirements and standards
- Development of cybersecurity plans, policies, work instructions, and records.
- Identification and categorization of devices including critical digital assets (CDAs), along with threat, risk, and vulnerability assessments.
- Security management controls, intrusion detection, system hardening, defense-in-depth, physical security, information protection, and backup communication systems design.
- Threat propagation path control and network segregation (including data diodes)
- Configuration management, change control, and document control
- Contingency plans, backup and recovery, disaster recovery
- Testing and audits
- Incident reporting and corrective action
- Personnel risk management and user access control
- Security awareness and training