Our goal is to significantly reduce your risk by elevating the cybersecurity of your control systems and enhancing the skills and awareness of your team. We focus exclusively on high-impact areas that deliver measurable results, ensuring you receive the most effective solution tailored to your situation.
Additionally, we offer valuable insights and knowledge through our website. Your privacy is paramount to us; we guarantee that your contact information will remain confidential, as we firmly commit to never selling or sharing it.
Our assessment is designed to identify and address vulnerabilities in control systems at any stage, from pre-construction through to operational phases. It is a comprehensive process that quantifies risks and prioritizes mitigation strategies for any identified vulnerabilities. Our approach results in a clear, prioritized action plan, ensuring ease of implementation. An assessment can include a Security PHA Review, a CyberPHA, or a detailed Vulnerability Assessment all customized to strengthen the security and integrity of your organization's control systems.
Learn more about Vulnerability Assessments at
https://subsafesecurity.com/subsafe-security/f/control-system-vulnerability-assessments
The Security PHA Review process is a systematic approach designed to identify and analyze potential security threats and vulnerabilities to Safety Functions controlled by a SIS (Safety Instrumented System) or a PLC (Programmable Logic Controller).
Security PHA Review uncovers any security flaws that might be exploited by malicious actors, leading to unauthorized access, loss of control, or other security incidents. A Security PHA Review clearly identifies safety function vulnerabilities and recommends mitigation strategies including physical and cyber-based systems. The goal of a Security PHA Review is to ensure that security considerations are reviewed periodically in conjunction with a regular Process Hazards Analysis to ensure the safety functions have not been compromised.
Learn more about Security PHA Review at
https://subsafesecurity.com/subsafe-security/f/security-pha-review
Our training will tailor to your situation and control systems for your staff on how to identify, prevent, and respond to cyber threats. We can also provide an awareness program to promote a culture of security awareness to minimize your risk of cyber-attacks. Training and awareness programs can include various types of online and in person training as well as Operation Technology focused cybersecurity campaigns.
We understand that every control system project has its unique challenges, our general consulting services are designed to be adaptable. One area we specialize in is convergence consulting that integrates your IT and OT teams, fostering seamless collaboration and unified solutions. Our flexible service offerings can be customized to include any combination of our expert services, ensuring that we address the specific needs of your control system cybersecurity project, no matter how unique or undefined it may be initially.
Learn more about Convergence Consulting at
https://subsafesecurity.com/subsafe-security/f/itot-convergence
If you are interested in being notified when an article is published, you can sign up here and we promise not sell or abuse your email address. Our Privacy Policy is linked at the bottom of this page.
Jim McGlone is our chief and a decorated veteran who served on submarines as a nuclear reactor operator, Jim is a seasoned & certified operational technology cybersecurity professional with years of control system experience in all the areas mentioned above. Jim is also the co-author if Security PHA Review.
ANGRY RABBIT
Jim recently lost some of the vision in one eye, so the angry rabbit gained a bloodshot eye. Learn more about the Angry Rabbit approach to cybersecurity at https://subsafesecurity.com/subsafe-security/f/angry-rabbit
SUBSAFE
The Subsafe Security name comes from our core belief in the same in-depth strategy from design, selection, construction, testing, operations and maintenance to protect control systems from cybersecurity attacks that the US Navy has in its SUBSAFE program. The tragic loss of the USS Thresher was a complex event with multiple contributing factors. It was discovered that the failure of a single system that was not designed appropriately and antiquated procedures caused the submarine's descrtruction. The SUBSAFE program was created to prevent a similar tragedy from happening again.