SCADA Cyber Security Vulnerability Assessment
A U.S. power company employed regularly-recurring audits of various controls, systems and programs. However, when it came to a SCADA-based cyber security vulnerability assessment, the in-house audit team did not possess the specific combination of process control experience and cyber security risks. They realized they required a third-party expert with a unique combination of knowledge of the two worlds.
HoneywellHoneywell invents and manufactures technologies to address some of the world’s toughest challenges initiated by revolutionary macrotrends in science, technology and society. They improves business performance for customers with automation and control solutions, equipment and services that enhance safety, reliability and efficiency. Year founded: 1906 Revenue: $40.3 billion (2014) NYSE: HON
A U.S. power company
- CONNECTIVITY PROTOCOLS
The Honeywell Cyber Security team possessed the experience and expertise that the power company required to review their SCADA system. A collaborative review of the power company’s process control systems and SCADA risk assessment was performed. During the risk assessment process, high-level risks were identified. This information was used to estimate, prioritize and coordinate ongoing risk-mitigation activities. Software Components - The Cyber Security Vulnerability Assessment (CSVA) - Honeywell Industrial Cyber Security Solutions
- DATA COLLECTED
- SOLUTION TYPE
- SOLUTION MATURITY
Cutting Edge (technology has been on the market for < 2 years)
- OPERATIONAL IMPACT
Impact #1 [Data Management - Cyber Security]
CSVA allows the companies to see their true cyber security risks, and prioritize the tasks they need to execute.
Impact #2 [Data Management - Data Security]
CSVA enables the power company to minimize vulnerability to cyber events.
Impact #3 [Efficiency Improvement - Maintenance]
Recovery time of an incident are shortened and system performance is improved by CSVA.
- QUANTITATIVE BENEFIT
- USE CASES
CybersecurityCybersecurity refers to the protection practice for the hardware, software, and data from being destroyed, altered or leaked by accidental or malicious reasons to ensure the system runs continuously and the network service is not interrupted. An effective cybersecurity methodology has multiple levels of protection spread across the computers, networks, programs, and data that one intends to remain secure. For an effective defense from cyber-attacks, the people, processes, and technology in any organization should complement one another.The cybersecurity can be divided into physical security and logical security. Physical safety refers to the physical protection of system equipment and related facilities from damage and loss. Logical security includes integrity, confidentiality, and availability of information.