ICS & SCADA

MSI has more than 20 years of experience working in the ICS/SCADA world. Members of our team have served as OT engineers, designed the penetration testing processes used by the US Department of Energy and other regulators, discovered and analyzed vulnerabilities and worked on incidents deep inside critical infrastructures.

Our team is comfortable in the field, curled up next to premise equipment, or in the lab, testing protocols, firmware, devices or software loads from end to end throughout the ICS spectrum. Utilities and device manufacturers trust our work and depend on our strong history of responsible disclosure of vulnerabilities we discover. You won’t find our teams working in the lab for you during the day and releasing exploits or penetration tools to help attackers be more dangerous at night. That simply doesn’t fit our level of commitment at MSI.

Here are some of the services around ICS/SCADA that we have experience performing:

  1. Device, component, protocol and software testing in the lab
  2. End to end assessments of smart grid and traditional architectures
  3. Reverse engineering of “found” devices
  4. Analysis of fraud and tampering techniques
  5. Business, Control and SCADA network vulnerability assessments and penetration testing
  6. Data flow analysis and control configuration consulting
  7. Design and architecture reviews and consulting
  8. Enclaving and network segmentation projects
  9. ICS/SCADA honeypots and intrusion detection
  10. Incident handling, investigation, attacker tampering and forensics
  11. Audit/regulatory prep and response
  12. Training, mentoring and board-level liaison consulting

If your organization wants deep expertise, rational threat-focused security help, then give us a call. While we help with compliance and regulatory needs as well, our team sees these as baselines and not the finish line. At MSI, we are dedicated to helping our clients build a safer world, and nothing is more important to that goal than ICS/SCADA security.

Blogs on ICS topics:

Brent Huston to Lead ICS/SCADA Honeypot Webinar with SANS
Thanks for Making the 3rd Mid-West ICS/SCADA Security Symposium a Success
HoneyPoint Security Server ICS/SCADA Deployment Example
Threat Data Sharing in ICS/SCADA Needs Improvement