Know our SWOT, Develop the best strategy to enhance the Strength, Enhance security controls to reduce Weaknesses, Explore more about Opportunities, and Face the Threats with confidence
Why ICS Cyber Security Audit and Assessment is IMPORTANT
Periodic ICS Cyber Security assessment is required to ensure the compliance and continuous improvement of the system, with the reference to the governing standard
Where to START?
Getting know the SWOT
Risk Register tells us the SWOT analysis in ICS Cyber Security Assurance process. It is driven by Risk Assessment and ICS Cyber Security Assessment. The result of this activity is the ICS Cyber Security profile that reflects the current situation of the assessed object, mapped into certain standards, with the correlation to Risk Register.
ICS Cyber Security SWOT Sample
ICS Cyber Security Compliance
The deviation from the standard should be marked as a gap, and it should be followed up to be closed out. Any critical finding during the ICS Cyber Security assessment should be documented, the closeout action should be strategized, with a proper timeline of target achievement, stewarded in timely manner, and re-assess after certain timing to ensure the compliance level
- The Maturity Assessment methodology, which is a Non-Intrusive Assessment method, is being used to get the big picture as well the detailed security posture of the assessed ICS object. The compliance checklists adhere to certain standards combined with architectural review, physical security audit, exploring the practices, interviewing key persons, and some other assessment approach to provide a thorough assessment that can reflect the actual ICS Cyber Security profile
- The ICS Cyber Security Assessment by using Maturity Assessment methodology is a crucial step that should be performed, in order to have a thorough understanding and deep profiling of ICS Cyber Security posture of the assessed ICS object.
Get Assessed Now
- Full coverage from logical to physical access assessment, network perimeter, up to data access protection, backup and restore scheme and practice, update attitude and practice, defense-in-depth from various points of view, and more checklists to be elaborated and assessed through this integrated ICS Cyber Security assessment project
- By referencing well-known Industrial Standards in Cyber Security and ICS Cyber Security such as NIST SP 800-82, ISA/IEC 62443, ISO 27001, NIST CSF but also considering some national standards as per required in order to bring the thorough ICS Cyber Security Assessment to provide a robust result that depicts the actual ICS Cyber Security posture
- Integrating all the assessment checklist results with the Risk Assessment results into the standardized Risk Register. The Risk Register will be the master document as the reference point of ICS Cyber Security posture. Each item on the Risk Register is correlated into the risk profiling, equipped with proposed security controls for each critical/high categories item for future follow-up and stewardship.
- The final deliverable is the Final Report consisting of the executive summary, network architectural drawing of an assessed object, dashboard of compliance level against certain standards, the topmost priority items, detailed item & finding with complete explanation & finding evidence, Risk Register, and conclusion. The recommendation and strategic follow up also being part of this deliverable, as all of it will be the baseline for the next execution of ICS Cyber Security assurance activities
ICS Cyber Security Assessment is one of our core competence – Contact us for more information and consultation. Sharing session will be another option for those who have the willingness to know more regarding ICS Cyber Security, to strengthen the decision to move forward on ICS Cyber Security Assurance milestone