Industrial Control Systems Cybersecurity
Protect and defend your critical industrial assets with Nexus’ end-to-end ICS security solutions.
The benefits of modernization and digital transformation are driving businesses in every industrial segment to move to new cyber-physical system technologies, making it possible to gather and analyze rich asset data with greater efficiency and flexibility. But along with the productivity and safety gains that can be achieved, the need for comprehensive cybersecurity protection also increases as the attack surface of the plant expands.
Leaning on our deep knowledge and global expertise in critical infrastructure protection, Nexus Controls designs and deploys holistic operational technology (OT) cybersecurity solutions tailored to the unique demands of your industrial plant network.
Nexus Controls can ensure that you have an effective cybersecurity program that meets the needs of legacy control systems, with limited expert resources, while accounting for modern technology and increasing cyber threats.
By leveraging Nexus Controls' 60-year industrial domain expertise and tailoring cybersecurity solutions specific to customer ICS use cases, you can be confident that Nexus OTArmor exceeds alternative ICS cybersecurity solutions on the market today.
End to End Cybersecurity Protection
An innovative strategy drives us. We have a complete, end to end, Cybersecurity Portfolio. Over our long history we have focused on continuous innovation and developed our portfolio to include an expansive range of services and solutions designed to defend industrial critical assets. In fact, the only control we don’t provide is cybersecurity insurance. But beyond that, we have something for every business use case or challenge.
Learn More About Nexus OTArmor™ Cybersecurity Capabilities:
-
Nexus OTArmor™ Cybersecurity Platform
-
Our OTArmor™ Cybersecurity Platform offers the following solutions for your organization's cybersecurity needs:
- Anti-virus
- Application whitelisting
- Asset management
- Back-up and recovery
- Data diodes
- Intrusion detection/prevention systems (IDS/IPS)
- Multi-factor authentication (2FA)
- Next-generation firewalls
- Patch management (centralized)
- Role-based access
- Security Information & Event Management (SIEM)
- Secure remote access
- Virtual private network (VPN)
-
Nexus OTArmor™ Cybersecurity Intelligence
-
It is important to start with some kind of benchmark to understand the current state of security readiness. We provide a large variety of security assessment services. They are designed so the CEO, CISO, Plant Manager, or Compliance Manager to prioritize steps for mitigation, and even to help obtain future budgets within a multi-year cybersecurity program.
- Useful for obtaining budget & prioritizing cybersecurity roadmap
- Understanding current state of security readiness
- Your results versus industry expectations
- Identify weakness early to prevent exploitation
- Delivers prioritized, actionable mitigation steps
Types of Assessments Offered:
- CIS Top 20 Controls
- Highly complex risk assessments or Penetration tests
- Product security assessment (IIOT, Controller, etc.)
- Compliance gap (NERC, NEI, IEC, etc.)
- Adversary Emulating Red Team Engagements
- Hunting as a Service (HaaS)
- Credential Risk Assessment
-
Nexus OTArmor™ Cybersecurity Services
-
Managed Security Services
Nexus Controls’ team of cybersecurity analysts are experts in big data solutions like Elastic Search, Splunk, and Hadoop. our highly skilled forensic analysts review relevant logs to minimize false positives and maximize the detection of threats. Whether you already have a Security Operations Center (SOC) or not, our 24X7 managed security services are scalable to meet your unique needs.
Patching Programs
Cyber Asset Protection (CAP) is a key part of a defense-in-depth system for turbine, plant, and generator controls environments. The patching program includes operating system and application patches as well as anti-virus/ intrusion detection signatures to cover updates for HMIs, servers, switches, and network intrusion detection devices. Monthly updates can be applied to individual HMIs or via the Nexus OTArmor™ platform for network-wide deployment
-
Nexus OTArmor™ Cybersecurity Certifications
-
IEC 62443-2-4 (maturity level 2) certification ensures secure lifecycle of Nexus OTArmor as an integrated system. This ensures safe industrial operations through a detailed analysis of our engineering processes throghout the security lifecycle; product design, manufacturing, network and system security, installation, and commisioning.
IEC 62443 3-3 (security level 3) certified industrial cybersecurity platform that ensures that the Nexus OTArmor cybersecurity solution was engineered utilizing a secure product development lifecycle process that includes IEC defined functionality and maintainable security. Additionally, this certification validates that the Nexus OTArmor portfolio has undergone rigorous testing for security risks.
These important industry certifications demonstrate our commitment to protecting industrial customers, including assisting them with regulatory and compliance requirements including NERC, NEI 08-9, CIS and NIST.
How Nexus Controls Is Solving Customer Problems Across Multiple Industries
As a provider of comprehensive cybersecurity solutions across multiple industries, Nexus Controls is well-equipped to help your industrial plants achieve safety, zero unplanned downtime, and operational efficiency:
Improving your security posture
-
Security Data Enrichment
-
Operator Cybersecurity Dashboards
- Nexus Controls designed dashboards
- Data-rich Security Incidents & Events Management (SIEM)
- Ready for Security Operator Center (SOC) integration
-
Managed Security Services (MSSP/MDR)
-
- Industrial process control experienced
- Ingest relevant logs to minimize false positives to maximize detection and forensics
- Expert system assists analysts for human evaluation of most important threats
- 24x7 operations, geographically distributed
- Full integration with holistic threat intelligence (not just another feed)
- Human-Led, OT/IT technology accelerated
-
Cybersecurity Assessments
-
Site Security Assessments:
- Optimize Production and System Reliability
- Identify, prioritize, and mitigate risks that impact critical production systems
- Tune the network architecture and information flows to improve resiliency and reliability
- Improve Overall Security
- Evaluate people, architecture, and technology to identify weaknesses and mitigation strategies
- Address individual weaknesses in systems, assets, or data flow with comprehensive findings
- Enable Compliance Efforts
- Fine-tune security policies and practices to align with relevant industry standards, regulations, and best practices
- Maintain comprehensive reports and documentation to assist with regulatory compliance efforts and audits for IEC62443, ISA99, and more
Product Development Security Assessments:
- Improve product security
- Address product weaknesses during development to reduce the risk of a public breach
- Reduce product costs
- Reduce the cost of remediation of security risks typically found after product deployment
- Enable compliance efforts
- Process improvement recommendations align with relevant industry standards, regulations, and best practices
- Gain a competitive advantage with customers who have supplier compliance requirements
Achieve greater visibility and protection of critical assets
-
Asset Management
-
Asset Identification
- Identify and list the assets present on the networks monitored
- Identify information such as make, model, firmware, Operating System, installed software
Asset Configuration Change Detection
- Identify if a change has occurred over the network or to the devices on the network which may indicate a compromise
- Identify if a change has occurred to an industrial device which may be an indicator of a compromise
Methods of Discovery
- Active discovery
- Passive discovery
- Hybrid discovery
Compliance via regulatory & internal cybersecurity policies
-
Compliance Management
-
Detecting, Responding & Prevention
- Detecting cyber threats and possible breach activity
- Responding to deviations with high value/low volume alerts
- Prevention through adapting and prioritizing threats and change deviations
Policy Manager
- Establishes and maintains consistent compliance score
- Agent-based and agentless (critical vendor-agnostic feature)
- Configuration assessment against 1000+ compliance policies, standards, and regulations
Keeping your remote industrial operations secure
-
Secure Remote Access
-
- Multi-Factor Authentication encrypted remote access
- Secure gateway using Zero Trust secure access solution
- Video replay technology for maximum isolation between plant operation assets and external remote access users
- Granular access control mechanisms and mediated remote file transfer
- Protect against zero-day malware utilizing advanced malware detection
- Simultaneous user access, ideal for a work-from-home environment
44 countries on 6 continents, 8 Assembly / Test Facilities, 13 Engineering Offices.
Genuine Parts for Woodward Hydro, GE Mark™ Controls and Nexus OnCore† products.
Global 24 hours per day - 7 days per week Domain Expertise is just one call away.
Exida Certifications
Contact Us
©2021 Baker Hughes Company