IT and ICS Security Assurance

Consultant | Training | Solutions
Fedco International, PT.

Welcome to Fedco - IT and ICS Security Consultant

Why Us

The Urgency of ICS Security Assurance

Industrial Control System security concern has getting up and up in this decade due to the increasing cyber risk and attack that has been recorded across the globe that targeting ICS environment. The risk of cyber attack mostly came from internal organization, while the external portion also playing quiet significant contribution with the worse impact as the consequence.

Why Choose Us as your ICS Security Partner

We are developing our core competencies in ICS Security through wide and deep technical experience, covering the ICS Security planning into implementation, audit and assessment, and continual improvement assurance as our integrated solutions to our client.

We grow up in ICS environment, exposed in depth in ICS operations & maintenance, feeling the sense of being the part of ICS environment itself, performing several activities related to ICS security assurance including the sustainability performance assurance.

We are ICS security by experience, instead of just being an IT security consultant that jump into ICS environment and copy paste the common IT security methods to be applied into this object.

We are using our capability to provide the best solutions that cover the whole critical aspect in the ICS environment, in order to ensure business continuity and simultaneous operations.

ICS Security Assurance Solutions

Portfolio and Clients

Portfolio

  • ICS Asset Management (Asset Characterization; Asset Consolidation; Criticality Management; Change Management; Asset Management Documentation);
  • ICS Security Risk Management (Preparation; Workshop; Controls Catalog; Implementation & Sustainability);
  • ICS Cyber Security Management System Platform;
  • Comprehensive ICS Security Assessment;
  • Industrial Standards and Best Practices References/Compliance (NIST SP 800-82, ISA 99/IEC 62443, API STD 1164, NIST SP 800-53, etc.);
  • Complete Report of ICS Security Posture (Executive Summary; Site Detail Report; Full Detail Report);
  • Company ICS Security Standard, Policies, Guidelines and Procedures Development.

Deliver sharing session as part of the ICS security campaign to several companies and government body

List of Clients

Determining Who Will be Your ICS Security Partner

Nowadays, there are three types of ICS security consultant that exist, the first one is an IT security consultant with their high confidence level as IT security practitioner – decided to cover ICS security, the second one is the OEM companies that develop their ICS security team/services in order to capture the potential opportunities and market share but sometimes they forgot the philosophy of the ICS security itself, the last one is the real ICS security consultant that develop their expertise in ICS environment – combine the knowledge and skills using IT security exposure – develop the solutions to provide the solutions that solve the fundamental problems

IT Security Consultant to Play in ICS Security

This type of consultant is rely their solutions based on IT security framework, including the using of Vulnerability Assessment and Penetration Testing as the methods to give the solutions to their clients. They lack of the essence in ICS operations, its philosophy and how to solve it. Most of this type of consultant usually do not have deep experience in ICS operations phase. Their sensing is just based on their IT security perspective

ICS Security Consultant, Training and Solutions

Fedco International is a consultant and training provider company that has core competence in Industrial Control System Security Assurance field of services. The core services that being offered consist of two categories, the ICS security solutions & consultation (covering the ICS security assurance lifecycle activities) and ICS security courses

Control System OEM Playing in ICS Security

The (Original Equipment Manufacturers) OEMs are playing deeper in ICS security consultation and solutions since they are the manufacturing company of the system itself. But the risk exposure from using this type of consultant is the conflict of interest (biased towards products supplied), no cold eyes review , more emphasize only in IT security perspective instead of exploring on its core ICS security concerns.

Let's Us Do The Hardest Part

We provide Integrated ICS Security Assurance solution that cover the Core Activities of ICS Security Assurance Project. We also provide full ICS security audit and assessment (by using non destructive approach – without vulnerability assessment and penetration testing) or partial ICS Security Assessment (with the selected ICS environment object, such as DCS only, SCADA only, etc.). By agreement, the ICS Security Audit (full or partial) can be integrated with the vulnerability assessment and penetration testing (but sure this option should go through the detail and careful walk through prior to agreement and execution).