Making Sense of OT Professional Services Engagements
Sep 4, 2024 / Industry Insight
Many organizations are struggling to improve their industrial cybersecurity posture. Regardless of where an organization is in its journey, from just starting out to operationalizing a program and security stack, Insane Cyber is here to help. Our team of cybersecurity experts has been in your shoes and will work with you to find solutions that work.
Insane Cyber provides a wide range of Operational Technology (OT) cybersecurity professional services that benefit industrial organizations throughout their security journey. While each engagement is tailored to meet the specific needs and requirements of the customer, we define engagement types as part of our service catalog so that you’ll know what to expect.
The four most popular engagement types are OT Cybersecurity Assessments, Vulnerability Assessments, Penetration Testing, and Tabletop Exercises. In this series, we'll dive deep into each of these engagement types, what to expect during and after an engagement, and how to get the most out of it.
Passive vs. Active Engagements
Engagements can be divided into active and passive types. Passive engagements do not directly interface with the environment. Information is collected from the environment as part of a Request for Information (RFI) using methods that do not interact with the environment, such as configuration file export, network traffic capture, and Subject Matter Expert (SME) workshops. The RFI material is then analyzed outside of the industrial environment.
An active engagement involves interaction with the environment or a proxy, like a test environment. These interactions follow agreed-upon rules of engagement to limit the possibility of an impact on safety or reliability. The scope and level of interaction are driven by the expected outcomes, from testing the security of a device or system to validating the preventative and detective security controls of a network.
Engagement Types
OT Cybersecurity Assessments
An OT cybersecurity assessment is often the first step in an OT security journey. An OT cybersecurity assessment is a detailed examination of an organization's industrial environment, supporting infrastructure, security program, and operational cyber practices. The goal is to understand the current state, identify strengths, gaps, and vulnerabilities, and provide recommendations to address them.
OT Vulnerability Assessments
An OT vulnerability assessment identifies and evaluates potential vulnerabilities and attack paths in an industrial environment, including its network and systems. It most often involves using tools that probe for known vulnerabilities, misconfigurations, and architectural weaknesses, together with static analysis of the environment. The scope of an assessment ranges from a subset of systems to an entire environment. Vulnerabilities are not exploited in this type of engagement; instead, they are validated, with a focus on finding as many attack paths as possible.
OT Penetration Testing
A penetration test, also known as a pen test, simulates a real-world attack to identify and exploit vulnerabilities and prove or disprove security assumptions. Pen tests are suitable for more mature organizations with a strong grip on their security posture and understanding of their operational environment. They are undertaken to understand how hard it is to exploit an environment and how visible that activity will be.
Tabletop Exercises
A Tabletop Exercise (TTX) is an interactive discussion-based session that provides a low-consequence environment for teams to test their ability to respond to a simulated cybersecurity incident. TTXs offer an opportunity to identify gaps within procedures and processes while educating participants on how best to respond. Insane Cyber customizes each exercise to fit the customer's environment and threat landscape.
The range of OT cybersecurity professional service offerings is wide and goes beyond the four outlined here, and it can be challenging to determine where to start. In our upcoming series, we'll be deep diving into each of these engagement types so that you can learn more and find the right option for your organization.