Home » Control Systems Threat Intelligence and Situational Awareness
Control Systems Threat Intelligence and Situational Awareness
Recent attacks on control systems environments, as well as the growing number of cyber vulnerabilities and exploits being developed for industrial automation, have created a need for actionable intelligence. Developing effective cyber security strategies for control systems can be complicated, and understanding adversarial activity is vital to reducing risk. Many organizations experience challenges in developing defense in depth strategies for their industrial environments because they cannot define the risk in terms of real threat activity.
To help overcome these issues, Lofty Perch, in partnership with Critical Intelligence, provides extensive cyber situational awareness as it pertains to the industrial control system domain. Using a proven intelligence collection and analysis capability, Lofty Perch can provide specific information that supports situational awareness to owner/operators, vendors, and government organizations. With a suite of consulting and subscription-based services to choose from, clients can create customized solutions to help mitigate risk and combat the advanced persistent threat (APT).
Subscription-based Intelligence Services
To stay up to date with the rapidly evolving trends and developments in the industrial control system cyber threat environment, customers can subscribe to on-going situational awareness reports. This includes weekly, quarterly, and customized reports specific to an entities needs. The information products are proven to assist in creating proactive cyber security defenses, and can help create compelling business cases for control system cyber security budgets.
Rapid Alerts: Intended for operational ICS security engineers, Rapid Alerts deliver highly significant threat information as it breaks. Examples include:
Release of attack tools targeting ICS (e.g., exploit modules)
Detailed disclosure of highly significant ICS vulnerabilities (e.g., proof of concept code)
Public information about attacks on control systems that are impending or underway
Weekly Situational Awareness Reports: Intended for operational ICS security engineers, Weekly Reports provide summaries and analysis of:
Newly disclosed vulnerabilities in ICS products
Newly disclosed vulnerabilities in products potentially affecting ICS
Newly discovered attack tools with the potential to affect ICS
ICS threat and vulnerability indicators
ICS defense developments
ICS network activity
Quarterly Reports: Intended for CSOs and CIOs, Quarterly reports provide strategic understanding of activities and trends in ICS cyber security covering the previous three-month period.
To meet the need of the most advanced clients, extensive customized services are available. These service suites, designed to leverage an organizations existing security countermeasures, help define actual cyber threats against asset owners and vendors. By assessing existing defensive activities, and working with the client to analyze specific traffic and net flows, these services help in the refinement of proactive security activities and help with recognizing specific cyber threats to the control systems environment.