CONTACT US

Phone Number

1-877-848-5166

Email Address

© 2020 Copyright GPA

Protecting Industrial Controls Systems from outside threats involves challenges which GPA is uniquely qualified to handle. Modern control system infrastructure is more complex than

proprietary solutions of the past and requires a new resource model to effectively

manage the integration and life-cycle of modernized OT infrastructure. 

 

With these additional layers of complexity, there is also a new reality with respect to Industrial Control System security. We now have nation states who are actively targeting our

control systems and critical infrastructure by conducting targeted attacks using

advanced malware such as Triton, WannaCry and NotPetya. 

 

Securing and managing OT infrastructure is not the primary role of the process control engineer, and IT is not typically trained with the skillset specific to managing and protecting

OT assets, processes and networks. In many cases, critical ICS infrastructure is

left unmanaged and open to Cybersecurity risks which can result in dire consequences.

The first step in mitigating risk is to assess current security posture. 

GPA will take a holistic view of your current Cybersecurity objectives, ICS program and

the current state of your automation environment. We will help you develop a

comprehensive strategy to mitigate risk and partner with you to

implement appropriate and cost-effective security controls. Once your system is

secure, our team will ensure you have a plan in place for

monitoring your system and keeping it up-to-date.

  • Security Objectives Workshop

  • Comprehensive Security Assessment

    • Security Program Maturity

    • Policies and Procedures

    • Physical and Environmental Security

    • Security Architecture

    • Access Control

    • Infrastructure and Security Management

  • Security Posture Baseline, Strategy, and Roadmap

  • Asset Inventory and Classification

  • Risk Management Strategy

  • Defense In Depth Controls

    • Policies, Procedures, and Awareness

    • Physical Security

    • Perimeter Defense

    • Network Segmentation

    • Asset Hardening

    • Application Hardening

  • Incident Response and Recovery

    • Response Planning

    • Disaster Recovery

  • Managed Network Services

  • Managed Security Services