Protecting critical infrastructure

OT-IT Cybersecurity Solutions & Services

What we do

 At Cyberium, our sole focus is on ensuring the cyber security of industrial networks and systems. We specialise in providing hardware and software solutions for industrial critical infrastructure companies and government agencies.

SOLUTIONS

 Security products and bespoke solutions for OT and IT environments leveraging the Data Diode Proxy Solution - One Way Appliance (OWA)

SERVICES

OT Cyber Security Risk Management consulting and training with a holistic security mindset based on IEC/ISA 62443

 Key Industries

From Military and Defence, Oil and Gas, Nuclear, Energy and Utilities, Telecoms, Transport and other government agencies, our clients drive key infrastructure we all depend on.

Cyberium Cybersecurity Solutions - Industries - Military & Defense

Military & Defence

Telecoms

Oil & Gas

Transport

Cyberium Cybersecurity Solutions - industries - Energy & Utilities

Energy & Utilities

Nuclear

Our Solutions

DATA DIODE PROXY SOLUTION

One Way Appliance (OWA)

Industrial environments have safety critical and secure Operational Technology networks disconnected from other networks. In order to make the data accessible for outside networks, Data Diodes can be utilized as a one-way data replication solution.

The solution uses Hardware Secure “One-Way” Communication using the Cyberium DataDiode component. The solution segregates OT Network from the IT Network 100% one-way enabling IT Network users to have access securely and in real-time to OT information without compromising the Safety, ensuring the Availability and Integrity of the OT Network.

The DataDiode is also used by Critical Infrastructure to protect their most critical systems (Safety Network, SIS) while enabling them to send real time Alarms & Events to the non-safety networks (DCS/SCADA).

 

Benefits:

  • Compatible with all true hardware data diodes

  • European & International certification

  • 100% one-way

  • Multi industrial and IT protocols supported

Results:

  • 100% outsider threat protection: Physically impossible for an Outsider to penetrate the protected network

  • OPEX reduction: Extremely low maintenance and no need for L3.5/L4 monitoring compared to an F/W

  • CAPEX reduction: A single control instead of a dozen

  • Reduced insurance costs

Protocol Coverage

IT/OT:

  • All file transfers: FTP/FTPS/SFTP/MFTP

  • SIEM: syslog/TCP or syslog/UDP (ArcSight, Splunk, QRadar)

  • Email transfer: SMTP relay

  • HA systems at 1Gbps/ 10Gbps functional level

  • 1Gbps/ 10Gbps multi-engine online wire-speed anti-virus

  • Database replication (MS SQL, ORACLE GG, PostgreSQL)

  • IBM MQ, MQTT (roadmap)

  • WSUS and anti-virus update

  • TCP/UDP streaming (case by case)

  • BiDirectional: XML filtering, application filtering, anti-virus, content neutralization and encryption

 

OT:

  • Replication of Historians (Honeywell PHD, AspenTech IP21, GE OSM, BH System 1)

  • OSISoft PI to PI replication: HA, multi-instances, real-time data and meta-data, conflict management, automatic upstream and downstream recovery, backfill and buffering.

  • OPC UA Replication

  • Modbus replication (beta) and IEC 104 (roadmap)

 Experience You Can Trust.

 
 

Our Services

 

Cyberium has established, implemented and maintained full fledge Risk Based Cyber Security Management Systems (CSMS) compliant with IEC/ISA 62443 and national standard like Q CSF, NERPA and NESA. We worked with Upstream and Downstream Oil & Gas, Power, Fertilizer and Chemical plants as well as the Rail sector operators.

Cyberium is an active member of International Society of Automation, ISA, and presented numerous peer reviewed papers during ISA Conferences in EMEA.

Cyberium’s methodology is based on ISA 62443-3-2 Risk Assessment methodology for the step-by-step approach and on ISF IRAM2 & the FAIR detailed risk assessment procedures.

One of the first steps is to develop the Business Rational aligned the Enterprise Risk Management and the CSMS organization. Typically, Cyberium establishes the framework of Policies and Risk Management Manual to define the methodology to perform Criticality Assessment and Risk Assessment.

ISA 62443-3-2 requires that we perform a High-Level Risk Assessment first to assess the impact of a worst case cyber event on the systems in scope. We perform this HL-RA or Business Impact Assessment with all the stockholders such QHSE, I&C, Maintenance, Finance, Legal and PR.

After focusing on the critical systems identified at the previous stage, we perform a Detail Risk Assessment as per ISA-62443-3-2. We assess the likelihood of a risk according to IRAM2 based on Customer’s Threat Profile and Vulnerability identified by assessing the existing controls against ISA 62443-3-3, calculated thanks to FAIR methodology.

During the last 8 years Cyberium’s consultants performed detailed Risk Assessment on more than hundred critical systems on multiple sites involving DCS, SCADA, Auxiliaries and SIS such as FGS, ESD, HIPPS etc. 

 Protect your critical infrastructure.

Contact us to learn more about our solutions and services.

Supported by

Région Occitanie Logo

Our recognition of the quality of the Cyberium solution