HomeEnterprise SecurityServicesKaspersky ICS Security Assessment

    product-icon

    Service

    Kaspersky ICS Security Assessment

    Identification and remediation of security flaws in ICS infrastructures

    Get in Touch

    Download Datasheet (2 pages)

    Overview

    An increase in malware and attacks on Industrial Control Systems (ICS), the growing number of new vulnerabilities in ICS equipment and an increased necessity for these systems to be integrated with other environments (like ERP, for example) have necessitated a more thorough approach to ICS security. In addition, ICS security is closely tied with functional security and a successful hacker attack could lead to production accidents.

    Our ICS Security Assessment service identifies security flaws in ICS on all layers: starting from physical and network security, to vendor-specific vulnerabilities in ICS components such as supervisory control and data acquisition (SCADA) systems, programmable logic controllers (PLCs) and others. This service provides you with information on the consequences of vulnerabilities exploitation, evaluates the effectiveness of implemented security measures, and enables you to plan further actions to fix detected flaws and improve security.

    • Penetration testing

      A security assessment that simulates various types of intruders upon your choice with the goal to elevate current privileges and access the ICS environment

    • ICS Infrastructure Security Assessment

      White-box security assessment including the analysis of the technical ICS documentation, interviews with ICS personnel, analysis of the industrial systems and protocols in use, resulting in comprehensive technological audit of your ICS components in the production environment

    • ICS Solution Security Assessment

      A deep security research of the software and hardware ICS components conduted in the test environment with the goal to find new vulnerabilities, followed by pre-approved demonstrations on the real system

    • Comprehensive Reporting

      A summary report detailing all discovered vulnerabilities and security flaws, with actionable recommendations for immediate resolution

    Suitable for

    Case Studies

    Eхplore examples of Kaspersky Lab security solutions at work in the field

    VIEW ALL
    • Severstal under protection
      Severstal under protection

      Solution:

      Cooperation with Kaspersky Lab has given security professionals at Cherepovets Steel Mill a fresh perspective on the contemporary landscape of cyber threats targeting industrial organizations. The findings were factored into the development of the security strategy for both IT systems and process control systems.

      Read more  
    Recognition
    Kaspersky Industrial CyberSecurity
    Competitive Landscape: Operational Technology Security, October 2018.
    Kaspersky Security Awareness and Training Services
    Forrester’s “Now Tech: Security Awareness And Training Solutions, Q1 2019
    Kaspersky Industrial CyberSecurity
    Kaspersky Lab Moves Forward with Improved Cybersecurity Solutions, 2018

    GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.

    In Use

    • ICS Security Assessment by Kaspersky Lab helps organizations to:

      • Understand the weakest spots of ICS and focus on improving the corresponding security processes
      • Avoid human, environmental, financial, operational and reputational loss that potentially could be caused by malefactors, by proactively detecting and fixing the vulnerabilities which could be used for attacks
      • Analyze systems’ compliance to ICS security standards specific to your region and industry, for instance NERC CIP standards
      • Comply with government, industry and internal corporate standards requiring that security assessments are performed

    • Prevent unauthorized access to critical network components

      Various vulnerabilities leading to obtaining unauthorized access to critical network components may be identified, including:

      • Insufficient physical protection of ICS equipment
      • Vulnerable network architecture, insufficient network protection (including flaws in separation of the ICS network from other networks)
      • Vulnerabilities leading to network traffic interception and redirection (including ones in industrial communication protocols)
      • Vulnerabilities in ICS components, such as SCADA, PLCs, smart meters, etc.

    • Detailed reporting and remedial recommendations

      As a result of the service, customers obtain a report containing:

      • Detailed technical information on the testing process
      • Full results
      • Security flaws and recommendations
      • A comprehensible executive summary explaining conclusions on the testing results and illustrating industry-specific attack scenarios
      • Screen videos with attack demonstrations and final presentations for your technical team or top management

    Let’s Start the Conversation and talk to one of our experts about how True Cybersecurity could inform your corporate security strategy, please get in touch.

    GET IN TOUCH