Making sure critical infrastructure delivers

Cybersecurity in critical infrastructure

Critical infrastructure such as electricity distribution, water supply, transportation and telecommunications all depend on IT systems for management, surveillance and control. Industrial control systems (ICS), also called SCADA (Supervisory Control And Data Acquisition), are in fact consequently essential to maintain the functionality of modern society. There are no shortcuts when it comes to cybersecurity. Encryption is merely part of the overall protection, segmentation another. You always have to have a holistic approach and also include physical security and human factors.

Regulations for actors in critical infrastructure

There are regulations for actors in critical infrastructure to follow. For example, the NIS Directive aims to promote security measures and boost EU member states’ level of protection of critical infrastructure. In other words, it improves information security of operators in sectors that provide essential services to our society and economy. This also means that action needs to be taken by actors in critical infrastructure to fulfill these security demands.

How to raise cybersecurity in critical infrastructure

To raise cybersecurity of critical infrastructure in general, strict segmentation of industrial control utility systems (ICS/SCADA) has to be applied, combining logical separation with physical separation. This means keeping separate domains in the architecture isolated and allowing only very specific information to flow in-between. An effective way is to achieve this is by using products that replace manual management of information (air gap) and connect OT with IT systems at the highest level of security.

The most important element in enhancing ICS/SCADA security is to keep the separate domains in the architecture isolated and only allow very specific information to flow in-between. Advenica’s Data Diode creates a high assurance isolation in the back direction, thereby blocking everything from the outside. If two-way information flow is necessary between the domains, a solution based on a high assurance filter, like SecuriCDS ZoneGuard is needed. Here the information is inspected in every detail and approved if, and only if, everything is in perfect order. The high assurance filter performs the virtually impossible task of interconnecting specific information flow between two domains that must not be connected.

Advenica helps operators within critical infrastructure identify vulnerabilities in current hardware and network components and to take strategic and effective measures towards higher information security.

Blog article

IEC 62443 – a standard you should know if you work with security in ICS systems

Solutions for securing functionality of industrial control systems

Complete programme for upgrading information security
20 years’ of cybersecurity solutions means we can advise the best path based on your needs regarding information security.
Protect operational systems without compromising availability
With Advenica’s encryption and segmentation networks can be separated and information can be connected information securely at the same time.
Secure uni-, bi-directional and airgap information exchange
Advenica’s Cross Domain Solutions enable strictly controlled and filtered information exchange between domains with different security or protection needs.
Future-proof solutions
Advenica’s encryption products use quantum secure patented proprietary VPN technology and our segmentation products are based on the same principles.
Promotes compliance with GDPR, NIS and Swedish security protection legislation
Advenica offers a complete programme for upgrading information security, comprehensive services and military-grade products.