Precast Cybersecurity Service Offerings for OT:
- Industrial Penetration Testing
- Industrial Security Assessment
- Industrial Security Awareness
- Dark web and leaked credentials/sensitive data monitoring
- Anti-Drone (passive)
- HWG OT Security Box
- OT Firewall and segmentation
- Precast OT SOC
Industrial Penetration Testing:
- Practical demonstration of potential attack vectors, on networks that include PLCs, SCADA, Field Devices and Industrial IoT
- Test of existing security measures
- Various testing modes:
- External – emulating an attacker with zero knowledge of your system
- Internal – emulating an attacker with limited system access rights
- Red teaming – workshop for 2 opposing parties, where internal team prevents attempts to access its network critical resources
- International penetration standards supported
- Trained team in performing pen test and assessment towards ICS, OT, and critical infrastructures. All the operations are performed in a safe way – activities that can lead to unpredictable behaviors of systems are performed only after agreement with the customers and planned during maintenance windows
Industrial Security Assessment:
- Number of attacks towards industrial control systems are growing, be the first to discover the security flows of your existing infrastructure to prevent attacks
- Hunt for business logic flaws and implementation vulnerabilities in the industrial environment
- Ensure security policy compliance
- Multilevel check across various assessment approaches and methodologies to uncover the existing breaches
- Precast can provide also audit of current cybersecurity posture, using common framework like NIST& NERC, performing GAP analysis (also towards ISO 62443), and providing a roadmap of needed cybersecurity related activity to effectively improve company’s reliance towards cyber-attacks
Industrial Security Awareness:
- Face-to-face onsite training and adaptive platform for industrial security awareness
- Employee behavior management:
- Developed featuring psychologists to suit every employee
- Recognizes personal entry level and adapts
- Continuous skill evaluation:
- Regular attack simulations throughout the year
- Focus on skills to withstand phishing and social engineering attempts
- Awareness campaigns based on real social engineering attacks targeting your company
Dark web and leaked credentials/sensitive data monitoring:
Identify and lock down your sensitive materials leaked online:
- Data leakage is one of the most significant online threats to organizations because it gives threat actors instant access to sensitive data about/from internal systems. If credentials or confidential data are leaked online, it is critical to identify, validate, and remediate the exposure as quickly as possible
- In Dark Web you can often find leaked information about industrial companies, such as exposed services, misconfigured field devices or industrial OT/IOT sensors, and other details, that can lead to an accident and cause severe impact on the OT environment of the customer
Anti-Drone (passive solution):
Complete Airspace Security Solution:
- Modern security requires a layered approach that keeps up with the evolution of drone technology. Sensors connect to our Drone Tracker software, which protects against drone intrusion, by recognizing and localizing the drone
- Detection level of protection can be provided with only passive sensors, that spots out civil drones and provides details fur a further law enforcement, that include a drone model, payload, and others. Such passive device does not require any permit or other regulatory compliance
HWG OT Security Box:
- HWG OT Security Box is the ultimate security solution for an OT network. The solution is completely passive, so cannot cause any trouble to your production or critical environment. The solution is based on a Network sensor, that analyzes the traffic on your industrial network and provides information and alerts in case of security flows:
- HWG OT Security BOX is a virtual appliance that can be installed on VM or Hardware
- HWG OT Security BOX maps all devices, protocols and sessions and makes network model visualization through passive scanning of OT network traffic. It constantly monitors technological parameters to understand processes and handle incidents and sends alerts in case of topology changes
- Detect threats for SCADA network, including PLCs, RTUs, and other industrial protocols. Detect vulnerabilities in industrial software and hardware, create whitelist and blacklist rules manually or based on predefined policies. Due to built-in ML (Machine Learning) capabilities, including retrospective analysis & OT anomaly detection, HWG OT Security BOX can recognize the normal network behavior and spot out complex attacks
OT Firewall and segmentation:
Precast can provide best in class OT firewall and network equipment, on top can also provide consulting for proper network segmentation and professional services for the installation and configuration of industrial network devices.
The convergence of operational technology (OT) and information technology (IT) impacts the security of industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems. As the air gap is removed, these systems are exposed to an expanding threat landscape and are targets for hackers involved in terrorism, cyber warfare, and espionage. Extending well beyond the traditional factory plant floor, attacks on critical infrastructures such as power plants, factories, water treatment systems, oil rigs, and traffic control systems can result in threats to national security, financial loss, risk to brand reputation, and even loss of life.
The family of Industrial Ethernet Firewalls provided by Precast is a range of security devices intended to help protect industrial networks, automation systems, SCADA systems and process control facilities from external cyber threats. These Firewalls are designed to permit or deny communications by restricting network traffic based on user defined rules that would permit only authorized devices, communication types and services.
Here are some of the functionalities and features we can provide:
- Detects possible malicious activities for many protocols, including ModBus, CIP, and DNP3, etc.
- Separate different parts of the network in your manufacturing cells, zones, or utility substations to ensure only authorized devices or connections have access, protecting the network from malicious or unwanted activities.
- Ensure traffic continuity with features such as hardware bypass, dual-power inputs, Quality of Service policies, and latency detection and mitigation functions.
- Get multi-industry compliance with specifications for industrial automation, electrical substation environments and predefined policies for all levels of deployments.
- Designed to work within a temperature range of -40 to 60 C, and hardened for vibration, shock, surge, and featuring electrical noise immunity
- Extends the network as a sensor and enforcer to IoT environments. It enables visibility and control of protocols including DNP3, CIP, Modbus, IEC61850 and applications by Omron, Rockwell, GE, Schneider, and Siemens.
Precast OT SOC:
Precast SOC can manage your OT security separately or alongside your IT security, so you can benefit from earlier attack detection and response, due to correlation between events for both IT & OT networks.
Precast SOC is powered by most advanced SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation and Response) solutions, and its efficiency is boosted with injected/built intelligence and IoCs (Indicators of compromise) by 4 different global cybersecurity vendors. Depending on industry or other compliance requirements customer can chose between different levels of SOC:
- Fully onsite service with provisioning of local dedicated experts
- Hybrid service, when all data remains onsite and our analysist connect remotely to your infrastructure
- Cloud solution, when we provide a full cloud service