We solve industrial control system cybersecurity problems, whether it is a cybersecurity assessments to access risk and weaknesses, designing a resilient and recoverable system, training to improve your team's ability to do what we do including defending your systems, or technical writing for policy and procedures your team to use.
Our team is comprised of the best people including authors and recognized authorities in control system focused cybersecurity.
Below is a list of the most common OT cybersecurity problems, their consequences, and how we solve them.
We also write often and you can check out articles on our NEWS page. If you want us to write on a topic, let us know on the CONTACT page.
If you wan to talk, send us an email on our CONTACT page.
Strategies:
Strategies:
Strategies:
Strategies:
Strategies:
Strategies:
Strategies:
Strategies:
Strategies:
Strategies:
Strategies:
Strategies:
SubSafe Security is a control system or operational technology focused business that offers customized training content services for your learning management system or ours.
For more information...
Consider this article on cognitive bias and risk analysis challenges:
https://subsafesecurity.com/news/f/understanding-the-disparity-in-risk-assessment-rationalizing
Operational technology (OT) encompasses the systems that monitor and control physical devices and processes in industries such as manufacturing, utilities, and transportation. It is crucial for ensuring that these systems, which are fundamental to daily operations and safety, remain safe from cyber threats that could disrupt operations and cause physical harm.
For more information...
Consider this article about what is operational technology:
https://subsafesecurity.com/news/f/key-it-and-ot-differences
We teach your team how to perform vulnerability assessments using passive (non-intrusive) network assessment methods to gather information about a network. This means that it does not require any interaction with the hosts on the network, and it will not generate any alerts or notifications. In terms of impact on control system networks, passive network assessment is generally considered to be safe.
For more information...
Consider this article about operational technology vulnerability assessments:
https://subsafesecurity.com/news/f/control-system-vulnerability-assessments
We teach how to collect the data, perform the risk assessment, create and present the report which normally contains the following:
Safety functions are designed to put a system or process in a safe state if something goes wrong. There are safety functions associated with mechanical safety regions like the area around moving equipment like a robot and safety functions associated with process control. In the process area, specialized teams perform a Process Hazards Analysis (PHA) to identify the safety functions necessary to protect a process. Assessments for safety functions are essential because cyber threats can manipulate or disrupt these safety mechanisms, leading to potential safety hazards, environmental damage, or even catastrophic failures. We can teach several methods to assess safety functions for cybersecurity vulnerabilities, but we prefer the Security PHA Review method which reviews PHA reports for attack vectors and makes recommendations.
For more information...
Consider this article about a Security PHA Review:
We teach defense-in-depth strategies discussed in the IEC 62443 standard, and many other documents, to protect your physical assets from cyber threats. Defense-in-depth encompass strategies like segmentation, access control, whitelisting, patch management, physical security, system hardening, monitoring and detection, incident response, and recovery.
Our team of experts works closely with you to assess your security needs and develop a customized training plan that fits your unique requirements that your team can manage.
The areas below represent that specific industries where we are well qualified control system and cybersecurity experience.
I live in a forest and I love the rabbits that live on the land. Ok, I love the other creatures including our local black bear, a lot of deer and wild turkey, and bald eagles. I was tempted to use the bald eagle, but I lost some of my sight from macular degeneration and felt a little more like a rabbit when I drew the logo. The one eye is red because after I get injections in an eye, it looks like this the next day most of the time.
I suspect you wanted more or a glorious story, but that is it.
As an ex-submnariner, safety and security processes formed the basis for myself and the rest of the boat's crew. As a consultant, the same is true for many of the places my team has worked.
I chose our name because of the Submarine Safety program. It is a rigorous quality assurance initiative established by the U.S. Navy to ensure the safety and integrity of submarine systems, focusing on preventing flooding and ensuring the ability to recover from an emergency. It was instituted in response to the loss of USS Thresher in 1963 and involves strict adherence to design, construction, and maintenance standards. As a submariner, this was one of the first programs that I knew of that was designed to prevent horrible accident and consequently, I thought of it often when working on refineries and chemical plants.
Your privacy is important to us and we take it seriously. This policy outlines how we would collect data and protect it even though we do not collect data.
Information Collection and Use
We do not collect or use your information except when you fill out a form or sign up for our newsletter on our site. The collected information includes your email address only for the newsletter and maybe your name, email address, and message details if you submit a contact form (there are some optional fields and we protect that information also).
Your information is ONLY used by us to respond to your requests.
Your information will NEVER be shared or sold!
Information Protection
Your personal information is contained behind secured networks and is only accessible by a limited number of clearly identified people that are required to keep the information confidential.
Information Sharing
Subsafe Security does not sell, trade, or otherwise transfer to outside parties your personally information.
Cookies
Our website uses cookies to enhance your experience by remembering your preferences for future visits and compiling aggregate data about site traffic and interaction only. The cookies are shared with Google Analytics and GoDaddy.
Google Analytics uses cookies to track user behavior and aggregate data about website traffic. The information collected can include:
GoDaddy may collect data through cookies to manage and improve its hosting services and for security purposes. This can include:
Both Google Analytics and GoDaddy use this data for improving service delivery, enhancing user experiences, marketing, and optimizing their own services and technologies.
Consent
By using our site, you consent to our website's privacy policy.
Changes to our Privacy Policy
If we decide to change our privacy policy, we will post those changes on this page. This policy was last modified on 4/19/2024.
SubSafe Security LLC