An increase in malware and attacks on Industrial Control Systems (ICS), the growing number of new vulnerabilities in ICS equipment and an increased necessity for these systems to be integrated with other environments (like ERP, for example) have necessitated a more thorough approach to ICS security. In addition, ICS security is closely tied with functional security and a successful hacker attack could lead to production accidents.
Our ICS Security Assessment service identifies security flaws in ICS on all layers: starting from physical and network security, to vendor-specific vulnerabilities in ICS components such as supervisory control and data acquisition (SCADA) systems, programmable logic controllers (PLCs) and others. This service provides you with information on the consequences of vulnerabilities exploitation, evaluates the effectiveness of implemented security measures, and enables you to plan further actions to fix detected flaws and improve security.
A security assessment that simulates various types of intruders upon your choice with the goal to elevate current privileges and access the ICS environment
White-box security assessment including the analysis of the technical ICS documentation, interviews with ICS personnel, analysis of the industrial systems and protocols in use, resulting in comprehensive technological audit of your ICS components in the production environment
A deep security research of the software and hardware ICS components conduted in the test environment with the goal to find new vulnerabilities, followed by pre-approved demonstrations on the real system
A summary report detailing all discovered vulnerabilities and security flaws, with actionable recommendations for immediate resolution
Eхplore examples of Kaspersky Lab security solutions at work in the field
Severstal under protection
Cooperation with Kaspersky Lab has given security professionals at Cherepovets Steel Mill a fresh perspective on the contemporary landscape of cyber threats targeting industrial organizations. The findings were factored into the development of the security strategy for both IT systems and process control systems.