OT/ICS/SCADA Security Services

What are SCADA Systems?

Critical infrastructure is a term used to describe the assets, physical facilities, supply chains, information technologies and communication networks, which if destroyed, degraded or rendered unavailable for an extended period, would significantly impact on the social or economic wellbeing of the nation, or affect Australia’s ability to conduct national defence and ensure national security. Systems managing operational aspects of that critical infrastructure are commonly known as SCADA (Supervisory Control and Data Acquisition) systems.

Why Care Now?

Historically, security in the world of SCADA was managed by the principles of “security by obscurity” and what is referred to as “the air gap”.

As these systems used proprietary obscure protocols that not many people other than specialist engineers understood and were isolated from other networks, an air gap existed that reduced the risk of SCADA systems being compromised and exploited. Security was never a consideration due to their isolation and the focus on process control, safety and reliability.

However, connectivity to corporate IT networks is now increasing due to use of common technology standards and network protocols such as IP connectivity, data requirements to enable better decision making, and improved management capabilities through the leveraging of corporate IT management platforms and staff.

With this increased connectivity comes increased risks and opportunity for a security breach of the SCADA network, or adverse and unintended consequences due to accidental human error.

How we can help

We offer a range of services which are specifically tailored to assist your organisation in applying a risk-based approach to secure your critical infrastructure.

Security Assessments

Privasec provides IOT/ICS/SCADA Security Assessments based on Australian Government and Industry Security Standards.

Assurance Testing

Privasec can conduct SCADA Security Assurance Testing specifically designed to take all the precautions when performing vulnerability scanning and penetration testing.

Architecture Reviews

Privasec can conduct network Architecture Reviews performed in accordance with Critical Infrastructure’s Good Practices Guides (GPGs)

What you get

Privasec will provide you with a concise report that includes:

Threats

A detailed description of the current cyber threats and risks that apply to your SCADA network

Priorities

A comprehensive analysis that identifies and prioritises the key security findings observed.

Roadmap

A strategy and roadmap to help reduce your cyber risks and build cyber resilience capabilities.