HAWKEYE FOR ICS / OT

Armed with in-depth knowledge and expertise in Industrial Control System Cyber Security, HAWKEYE Managed SOC powered by DTS managed CSOC as a Service, helps you understand the cyber security risks within your Industrial Control System / Operational Technology environment by delivering monitoring services either in real-time, scheduled frequencies or on-demand.

Industry sectors such as Utilities, Energy, Manufacturing, Airports, Railways, Telecommunications, Smart Cities operate complex chain of Industrial Controls Systems (ICS) and Operational Technology (OT) systems. These systems have Cyber-Physical attributes where a breach due to a cyber-attack can lead to actual critical process failure or physical damage.

In the Middle East we have seen a string of high-profile targeted attacks against critical infrastructure environment, the most notable, was TRISYS Targeting Safety Instrumentation System (SIS) with the ultimate aim of shutting down the plant.

Hackers Don’t Sleep, Neither Do We.
Hunting Cyber Adversaries With HawkEye
Powered by DTS Solution - Cyber Security Redefined

Scheduled Managed Cyber Security Services (Subscription)

  • HAWKEYE Managed SOC analysts specializing in ICS/OT will come on-site on a monthly basis to perform a complete cyber security review of logs, events and audit trails across the environments.
  • Specific monitoring use-cases will be defined prior to the agreement to ensure relevant monitoring activities are performed.
  • ICS / OT Cyber Security Status Dashboard with Monthly Report will be submitted to the relevant stakeholders
  • Patch Management Status Level
  • Vulnerability Status Level
  • User Activity Audit Trail Status
  • Removable Media Usage Status
  • Network Anomaly Detection Status
  • Access Switch Switchport Status
  • Remote Access Monitoring Status
  • Firewall Logs Review Status
  • Industrial Protocol Violation Status

HAWKEYE for ICS/OT

At HAWKEYE Managed SOC; we have developed a unique service offering, where we deliver Managed Cyber Security Services for organizations that operation ICS/OT environments. We offer this service in the following operating model;

Security Remote Monitoring Service

  • Security Events and Logs are kept on premise.
  • SIEM platform log collection for remote monitoring reside in L3.75 DMZ – sandwiched between L3.5 and L4.
  • HAWKEYE OT-CSOC deploy two layers of firewalls managed by the client;
    • IPSEC VPN Termination Firewall
    • L3.5 DMZ Firewall
  • L3, L3.5 DMZ to L3.75 communication is outbound only (SYSLOG UDP) where reverse connection is impossible.

Monitoring Methodology

HAWKEYE Managed SOC Dubai has developed the ICS / OT Cyber Security Monitoring Use Cases based on the ICS MITRE ATT&CK Model that is very specific to critical infrastructure protection. Detection is the key here, not prevention, and our tools and techniques of developing monitoring controls within your OT environment will give CISO / ICS Cyber Security Specialists and OT Operations Team unparallel visibility into the security posture of your industrial networks unseen before.

HAWKEYE Managed SOC Offshore Monitoring Team will only have view functionality (READ – MONITOR mode) on the Terminal Server (Bastion Host) ensuring data flows are highly secured.

Contact us to arrange a half day Managed SOC workshop in Dubai.


CONTACT US

We welcome you to contact us for more information
about HAWKEYE - SOC As A Service.