Protecting critical infrastructure
OT-IT Cybersecurity Solutions & Services
What we do
At Cyberium, our sole focus is on ensuring the cyber security of industrial networks and systems. We specialise in providing hardware and software solutions for industrial critical infrastructure companies and government agencies.
SOLUTIONS
Security products and bespoke solutions for OT and IT environments leveraging the Data Diode Proxy Solution - One Way Appliance (OWA)
SERVICES
OT Cyber Security Risk Management consulting and training with a holistic security mindset based on IEC/ISA 62443
Key Industries
Our clients span Military and Defence, Oil and Gas, Nuclear, Energy and Utilities, Telecoms, Transport and other government agencies, and they drive the key infrastructure we all depend on.
Our Solutions
DATA DIODE PROXY SOLUTION
One Way Appliance (OWA)
Industrial environments have safety-critical and secure Operational Technology (OT) networks that are disconnected from other networks. To make their data accessible to outside networks, data diodes can be used as a one-way data replication solution.
The solution provides hardware-secured “One-Way” communication using the Cyberium DataDiode component. It segregates the OT network from the IT network with a 100% one-way data flow, giving IT network users secure, real-time access to OT information without compromising safety, while ensuring the availability and integrity of the OT network.
The DataDiode is also used by critical infrastructure operators to protect their most critical systems (Safety Network, SIS) while enabling them to send real-time alarms and events to the non-safety networks (DCS/SCADA).
Benefits:
Compatible with all true hardware data diodes
European & International certification
100% one-way
Multiple industrial and IT protocols supported
Results:
100% outsider threat protection: physically impossible for an outsider to penetrate the protected network
OPEX reduction: extremely low maintenance and no need for L3.5/L4 monitoring, compared to a firewall
CAPEX reduction: A single control instead of a dozen
Reduced insurance costs
Protocol Coverage
IT/OT:
All file transfers: FTP/FTPS/SFTP/MFTP
SIEM: syslog/TCP or syslog/UDP (ArcSight, Splunk, QRadar)
Email transfer: SMTP relay
HA systems at 1 Gbps/10 Gbps functional level
1 Gbps/10 Gbps multi-engine online wire-speed anti-virus
Database replication (MS SQL, Oracle GG, PostgreSQL)
IBM MQ, MQTT (roadmap)
WSUS and anti-virus update
TCP/UDP streaming (case by case)
Bidirectional: XML filtering, application filtering, anti-virus, content neutralization and encryption
OT:
Replication of Historians (Honeywell PHD, AspenTech IP21, GE OSM, BH System 1)
OSIsoft PI to PI replication: HA, multi-instance, real-time data and metadata, conflict management, automatic upstream and downstream recovery, backfill and buffering
OPC UA Replication
Modbus replication (beta) and IEC 104 (roadmap)
Experience You Can Trust.
Our Services
Cyberium has established, implemented and maintained full-fledged risk-based Cyber Security Management Systems (CSMS) compliant with IEC/ISA 62443 and national standards such as Q CSF, NERPA and NESA. We have worked with Upstream and Downstream Oil & Gas, Power, Fertilizer and Chemical plants, as well as rail sector operators.
Cyberium is an active member of the International Society of Automation (ISA) and has presented numerous peer-reviewed papers at ISA conferences in EMEA.
Cyberium’s methodology is based on the ISA 62443-3-2 risk assessment methodology for the step-by-step approach, and on ISF IRAM2 and FAIR for the detailed risk assessment procedures.
One of the first steps is to develop the Business Rationale, aligned with Enterprise Risk Management and the CSMS organization. Typically, Cyberium establishes the framework of policies and a Risk Management Manual that defines the methodology for performing the Criticality Assessment and the Risk Assessment.
ISA 62443-3-2 requires that we first perform a High-Level Risk Assessment (HL-RA) to assess the impact of a worst-case cyber event on the systems in scope. We perform this HL-RA, or Business Impact Assessment, with all the stakeholders, such as QHSE, I&C, Maintenance, Finance, Legal and PR.
Focusing on the critical systems identified at the previous stage, we then perform a Detailed Risk Assessment as per ISA 62443-3-2. The likelihood of a risk is assessed according to IRAM2, based on the customer’s threat profile and the vulnerabilities identified by assessing the existing controls against ISA 62443-3-3, and is calculated using the FAIR methodology.
Over the last 8 years, Cyberium’s consultants have performed detailed risk assessments on more than a hundred critical systems across multiple sites, involving DCS, SCADA, auxiliaries and SIS such as FGS, ESD and HIPPS.
Protect your critical infrastructure.
Contact us to learn more about our solutions and services.