Why OT Cyber Audits are Critical

While many organizations prioritize securing their IT networks, OT networks are often overlooked or managed by facilities managers without adequate cybersecurity expertise or resources.

This oversight can lead to significant vulnerabilities, especially since much of the critical infrastructure and facilities equipment was not built with security in mind and may not have been updated or patched for decades.

DSA’s comprehensive approach, based on industry best practices and standards, ensures thorough evaluation and mitigation of vulnerabilities.

DSA’s WatchPost OT Cyber Solutioning for our Multi-Building Campus Environment Customers

Independent Third-Party Assessment: Data Systems Analysts, Inc. (DSA) proposes an independent third-party assessment of our customers' OT systems. This assessment will include vulnerability management, internal and external penetration testing, and wireless testing of our customers' IP and OT networks.

Focus Areas:

  • Facilities and Industrial Control Systems (ICS) networks
  • External, internal, and facilities networks
  • Scanning and manual verification of assets, ports, and vulnerabilities

The Importance of OT Cyber Audits

Addressing Legacy Systems and Infrastructure

Many OT systems are outdated, sometimes over 30 years old, and have not been updated in over a decade. These systems were not designed with cybersecurity as a priority, making them susceptible to attacks.

Comprehensive Security Measures

An OT cyber audit helps in baselining the OT environment, identifying vulnerabilities, and implementing security measures to protect against evolving cyber threats. It is crucial to test and evaluate all networks, even those considered air-gapped or disconnected from corporate systems.

Strengthening Cyber Hygiene

Ensuring robust cyber hygiene across the entire enterprise is essential. As cyber threats evolve, organizations must also adapt and strengthen their defenses.

Our Comprehensive Approach

Penetration Testing: DSA will conduct penetration testing on each identified customer system to assess and confirm security controls and compliance. This includes:

  • Determining the feasibility of attack vectors
  • Identifying higher-risk vulnerabilities from combined lower-risk vulnerabilities
  • Detecting vulnerabilities difficult to find with automated scanning tools
  • Testing network defenders’ ability to detect and respond to attacks
  • Providing evidence for necessary remediation

Standards and Best Practices: DSA follows NIST 800-53 Rev 4 and SANS best practices. The assessment also evaluates CIS Top 20 security controls, CWE weaknesses, OWASP controls, and ransomware exposure.

Deliverables:

  • Comprehensive final report detailing tests undertaken, results, identified vulnerabilities, and recommended improvements
  • Scoring of assets and findings based on NIST and industry standards, similar to credit reporting scores (300 to 850)

DSA’s Testing and Assessment Methodology

Methodology: DSA employs a methodology based on NIST, SANS, and other industry frameworks. This includes:

  • Mapping our customers' external, internal, and OT networks
  • Conducting penetration testing and verification
  • Analyzing test results for vulnerabilities and assigning risk levels
  • Evaluating the impact on your multi-building campus environment and your data and interconnects

Vulnerability Analysis:

  • Ease of Discovery: How easily threat agents can discover the vulnerability
  • Ease of Exploit: How easily the vulnerability can be exploited
  • Awareness: The level of knowledge about the vulnerability among threat agents
  • Intrusion Detection: Likelihood of detecting an exploit

Technical Impact Factors:

  • Confidentiality: Potential data disclosure and sensitivity
  • Integrity: Potential data corruption and damage
  • Availability: Potential service loss and its importance
  • Accountability: Traceability of threat agents’ actions

Expertise of DSA’s Cyber Security Engineering Team

Our security team has over 25 years of experience and holds multiple certifications, including CISSP, GCIH, GGSC, GSEC, and GRID SCADA. With our extensive experience, DSA is well-equipped to handle all complex cybersecurity challenges across all Federal/DoD and Commercial customer environments.