CONFIDENTIAL- aeCyberSolutions - Banner_v3b2.jpg

Four Pillars of a Cybersecurity Program

Our aeCyberSolutions™ suite of services is a risk-driven approach organized into four competencies: Governance, Risk Management, Security Implementation, and Security Operations. By working with you and focusing on the core mission in each of these four areas, we can help you meet your mission.

1-e1548614949622.png

Cyber Program : Establish cybersecurity policies and practices

If the key to safety is to create a safety culture, then the key to cybersecurity is to create a security culture, and Governance is the foundation for a sustainable culture.

Using industry standards, including NIST CSF and ISA 62443, aeSolutions has developed tools, techniques and templates (such as aeCyberProgram™) to help you fast-track your cybersecurity program policies, procedures, standards, and training and awareness programs. We can also help you with establishing a governance board and charter, a security plan and master policy, and other executive engagement activities and deliverables (such as aeReport™), all designed to drive the creation of a security culture in line with your safety culture and your operational reliability requirements.

311861-1-300x170.png
Untitled-300x276.png

aeCyberProgram™

Build your ICS Cybersecurity Program

 

  • ICS Program Framework Development

  • Policy & Procedure Development

  • Cybersecurity Requirements Specification

  • Mitigation Road Maps

aeCyberTrain™

Train your Workforce

 

  • ISA Security Technical Training (ISA plus aeSolutions)

  • ICS Security Training for Managers 

  • Role-based Cybersecurity Training

Learn more about the program building:

 
2-e1548614967415.png

Risk Management : Manage your exposure to Risk

Unlike IT risks, ICS cyber-based risk must be understood in terms of its potential physical impacts on facilities and equipment, operational reliability, employee safety, the environment, and product quality.

While these newer digital technologies provide many benefits to organizations, they can also inadvertently create exposures to cybersecurity risk, which in turn, if not properly identified and mitigated, could compromise the safety, integrity and reliability of your operations. It makes sense, then, that organizations are increasingly incorporating cyber risk evaluations into their design, engineering, testing and commissioning activities.

aeCyberPHA-HDTV-300x169.png
fat-sat-logo.png

aeCyberPHA®

A Proven Method to Assess and Prioritize ICS Cybersecurity Risk to Operations

 

  • Provides management with risk-ranked mitigation plan

  • Encourages collaboration, practical solutions & buy-in

  • Satisfies new IEC 61511 SIS security requirements

  • Uncovers “hidden” risks

  • Establishes a baseline to measure progress and justify decisions

  • Raises cybersecurity awareness

  • Successfully applied to hundreds of ICS since 2013

  • NEW! ICS Cybersecurity Risk Screening

    • Expose the potential magnitude of cyber risk

  • NEW! aeCyber Facilitation Suite®

    • A Do It Yourself Cyber PHA Package

aeCyberTest™

Test the Effectiveness of Your Controls 

 

  • Cyber Factory Acceptance Testing: Ensure the system is secure and free from known vulnerabilities before it leaves the factory.

  • Cyber Site Acceptance Testing: Ensure the system is secure and free from known vulnerabilities before it is commissioned.

  • Penetration Testing: environment, identify system vulnerabilities and test if they can be exploited.

 
3-e1548614982223.png

Security Implementation : Mitigate system vulnerabilities

The convergence of information technology (IT) and operational technology (OT), combined with the inter-connectedness of modern industrial operations, has created vast business value, but it has also created vast risk to operations and safety.

Undiscovered or unmitigated vulnerabilities can increase your attack surface. Network misconfigurations can cause unexpected downtimes. By adapting well-known vulnerability-management practices (such as aeCyberPatch™ patch management) or creating brand-new network optimization tools (such as aePCNOptimize™ network misconfiguration analysis), aeSolutions has developed tools, techniques and templates to help you segment and harden your networks, systems and accounts. We can help you to systematically identify, prioritize and mitigate your critical vulnerabilities and effectively reduce your attack surface to thwart would-be attackers.

pcn.png
Artboard-1@2x[1].png

aeCyberPCN™

Optimize and Harden

Your OT Network

 

  • PCN Security

  • Detailed PCN Assessment & Optimization

  • Detailed Mitigation Plans

  • Zone & Conduit Modeling

  • Network Segmentation

  • Secure Wireless Networking

  • ICS Firewalls

  • Firewall Assessment & Optimization

  • Network Device Hardening

  • ICS Architecture (DMZ)

  • Directory/Domain Services

  • Secure Remote Access / PAM

aeCyberOT™

Optimize and Harden

Your OT Endpoints

 

  • Detailed OT Asset Assessment

  • Detailed Mitigation Road Map

  • OS Hardening

  • Patch Management

  • Endpoint Hardening

  • PLC Security (e.g. FactoryTalk® Security)

  • Configuration Management

  • Backup / Recovery

  • Application Whitelisting

  • Removable Media Security

 
green-ops-e1551706914833[1].png

Security Operations : Establish resiliency

No one can create perfect security; in fact, experts agree that you should assume you will be breached. Therefore ‘protection’ is not enough – you must become ‘cyber resilient’ by mastering the practice of Security Operations: Rapid Detection, Effective Incident Response and Efficient System Recovery.

Security Operations Practices. aeSolutions has developed tools, techniques and templates to assist our customers to develop their Asset Management and Vulnerability Management practices, create and validate their Incident Response Plans, and assist with evaluating options to establish and staff a Security Operations Center (internal/MSSP/hybrid).

Security Operations Lab. Customers are encouraged to visit our Houston offices where we have established an ICS equipment/product testing lab. In addition to the ability to evaluate and test ICS IT and OT equipment, we have strategic relationships with several vendors of ICS Anomaly Detection products, and we can assist customers with hands-on product-comparison evaluations.

aeCyberOps™

ops.png
monitors[1].png

Monitor Your ICS

 

  • Security Tool Evaluation

  • Deploy ICS Detection Deployment

  • SIEM Integration

  • Network & System Monitoring 

    • Design & Integration​

  • OT SOC Design / Implementation

  • Malware Prevention

  • Vulnerability / Patch Management

Maintain Your Resilience

 

  • ICS Asset Inventory Maintenance

  • Network Diagram Maintenance

  • Operationalize your ICS Anomaly Detection 

  • Backup/Recovery Maintenance

  • ICS Change Management

  • Incident Response Planning

  • Technical Service Agreements

Our Core Services

aeCyberPHA

aeCyberProgram

aeCyberTest

aeCyberPatch

aeCyberPCN

aeCyberOps

aeCyberTraining

Specialized Industries

Pipeline

Maritime

About Us

Our Webinars

Our Videos

Our Blogs

Our Whitepapers

Our Articles

Our Team

Our Events

Our Partners

aeCyber Benefits

OT Cybersecurity Terms

We Can Help 

Build a Program

Optimize your PCN

Assess ICS Risks

Select Security Tools

Manage ICS Patches

Configure ICS Firewalls

Assess and Optimize ICS Firewalls

Create ICS Network Diagram

Create ICS Asset Inventory

Design PCN Domains

Implement a DMZ

Create Executive Reports

CONFIDENTIAL- aeCyberSolutions - Banner_v3b.jpg