Industrial Automated Control System (IACS) Cybersecurity has quickly become a serious issue for professionals in the process and critical infrastructure industries.
An unprecedented number of security vulnerabilities have been exposed in industrial control products and regulatory agencies are demanding compliance to complex and confusing regulations. Very few industries are actually regulated, and of those that are, the regulating agencies are demanding compliance to complex and confusing regulations. Those that are not regulated are dealing with a wide variety of vague and sometimes conflicting standards from multiple sources.
There are well established strategies and techniques that automation professionals can employ to discover and mitigate security vulnerabilities and improve the inherent security of their products and systems. Learning and adopting these strategies will help companies stay ahead of potential vulnerabilities.
exida is an ISA/IEC-62443/ISA-99 based industrial automated control system (IACS) and SCADA system security consulting and certification firm that focuses on the unique requirements of industrial automation and process control systems.
exida staff has over 30 years of experience in industrial automation and control system safety and/or cybersecurity design, implementation and assessment. exida has experience in assessing and developing cybersecurity solutions in the Transportation, Oil & Gas, Electric Utility, Chemical, Water & Waste Water and other industries that rely heavily on the use of industrial automation and control systems.
At exida, we are familiar with the Department of Homeland Security (DHS), Transportation Security Administration (TSA), National Institute of Standards and Technology (NIST), and the American Public Transportation Association’s (APTA) guidelines, recommended practices, and standards.
exida has also led and participated in the definition of cybersecurity standards via: ISA 99 committee work – ANSI / ISA / IEC 62443 (formerly ISA 99), APTA recommended practices for passenger rail (Securing Control and Communications Systems in Transit Environments), and ICSJWG sub-group work.
exida is involved in each step of the cybersecurity lifecycle from Assessment to Design to Operate & Maintain. We provide a range of ISA/IEC-62443/ISA-99 based services that is customized to your site’s requirements while following the latest cybersecurity standards and guidelines. Here is a synopsis of what we offer.
You wouldn’t begin a journey until you know where you are starting from, where you want to go and how you are going to get there.
Planning the journey to secure your control systems is no different. It starts with understanding the risks that control system security (or insecurity) can have on your business. This is known as a risk assessment and it is used to quantify the threats that pose a danger to your business. exida ranks these risks so you know how to prioritize your security dollars and efforts.
The design phase starts with a structural assessment of your security system's architecture and configuration. A detailed study together with full, up-to-date documentation will be reviewed to discover potential cybersecurity vulnerabilities. Together with exida, the target design is compared in detail with your current network architecture. A road map with technical details and execution time schedule are then finalized.
Even after your solution is put into place, exida assists you with the processes required to keep your process safe, secure, and reliable.
We offer a range of IACS Cybersecurity training courses for today's industry professional, from basic to advanced concepts. We also offer customized training options available upon request.
Students benefit from exida's in-depth knowledge and expertise , enabling them to fully understand cybersecurity and implement procedures in their organizations to ensure that they are not vulnerable to cyberattacks.