Cybersecurity has become a major concern to the industry in recent years. Industrial control systems (ICS) are increasingly connected to internet-connected company IT networks, making them potential targets for involuntary or voluntary intruders. Hackers are steadily developing sophisticated skills in attacking industrial equipment such as PLCs, DCSs, industrial sensors and SCADA systems.
At the same time governments and authorities are developing and imposing increasingly stringent regulations based on international regulations, norms, and standards such as the EU’s NIS directive, IEC 62443 and ISO 27000. Unfortunately, the established models and tools used to reinforce IT cybersecurity are not well-adapted to the needs of industry.
Industrial companies face quite different cybersecurity challenges, because of the absolute priority they place on asset availability, ICS reliability, safety, and operational continuity. ENGIE Laborelec is attuned to the needs of industrial customers and works with them to combat industrial cybersecurity threats effectively.
Cybersecurity expertise and industrial field experience
ENGIE Laborelec’s Industrial Cybersecurity Department helps ensure company ICSs remain available, reliable, and safe from cybersecurity threats without compromising operational continuity. We have more than ten years of experience in industrial cybersecurity worldwide, and our cybersecurity experts have in-depth knowledge of ICSs and extensive field experience.
Identifying gaps, hardening, and monitoring
Our services are fully-tailored to customer needs and will include:
Assessing risks and gaps
We assess the industrial cybersecurity risks, any asset vulnerabilities, including using penetration testing, as well as compliance with best practices and international standards and regulations. Subsequently, a remediation plan is developed.
We put in place security and hardening, including device-level technical measures and organization-level procedural measures, to protect ICS assets against potential intrusions.
Additional services include training and awareness programmes, a threat intelligence service, and penetration-testing services (in the field or in our dedicated cybersecurity lab).