
Creating Zero-Trust Security Architecture

Written by Garrett Williams, Senior OT Security Consultant

 

What is Zero-Trust Security?

Zero-trust is the practice of shrinking the cybersecurity perimeter and eliminating inherent trust in your environment. The focus is on using technology and up-to-date methodologies as tools to get security as close as possible to each individual asset or component within a control system.

For example, instead of a security zone being the entire manufacturing plant, specific HMIs and historians are grouped together to minimize the attack surface that a security team needs to manage. Between each grouping may be virtual networking divisions, physical devices or other mechanisms that allow for alerting and monitoring centrally.

Security solutions must be dynamic to keep up with modern threats – that is the only way to ensure your overall architecture has strong foundations to handle the security required for ongoing operations. With Industrial Control Systems (ICS), that means preventing unauthorized and unwanted access to operational technology (OT) that could cause a disruption in the availability of services. The Zero-Trust model utilizes strong cybersecurity tools and methodologies to create an environment that is inherently secure as opposed to being inherently available.

So, where do you start? Every cybersecurity-related vendor now utilizes the buzzwords ‘zero-trust security’ and ‘false claims’ to sell the full package solution, but most products only add and strengthen the bricks within one or more pillars that complete your cybersecurity architecture. To create a truly secure environment, you’ll need a partner who can help develop the bigger picture.

Developing the “Bigger Picture”

To build a strong cybersecurity program, there are a number of cornerstone methodologies – or “pillars” – that can be implemented. Below are the most fundamental of these pillars:

Strong Asset Management:

Having an asset inventory is critical for security; it is the basis for most methodologies. Security requires a few different components to allow it to function at its best. When deciding what these pieces are, you should ask yourself questions such as: What are we protecting? How much is it worth? Where is it? These questions must be addressed on a continuous basis in order to have strong asset management within an organization.

Some examples of assets are computerized equipment, generated data, software and/or applications, and even services. Assets should be ranked or prioritized. A common practice for control systems is a crown jewel analysis, which identifies the devices and processes most critical for operation.

Least Privilege

Least privilege is giving the absolute minimal amount of access to resources necessary to do one’s job. An organization needs to define roles and the specific responsibilities that fall under each role. Only then can you create strong policies that restrict the appropriate access to resources during the appropriate time.

Dynamic IAM MFA

Multi-factor authentication (MFA) successfully defeats most password guessing and credential hijacking attacks. However, MFA by itself is not insurmountable. We are constantly creating and strategizing new ways to authenticate rightful users to the resources they need to do their jobs. Flexibility is required with security tool and technique selection.

The strongest and most effective way of authenticating users and devices is by combining multiple methods to create one strong policy. Identity Management can be very arduous and granular – it is paramount to understand how your organization defines and validates identities, as well as represents those identities digitally within your environment. Remember, the goal is strong discriminative authentication policies that do not inconvenience operations.

Build defensible networks with segmentation plus monitoring

Group and separate your network based on asset attributes, how the assets transact with each other, and their value to the business. The point at which one security zone interacts with any other should be digitally monitored. Monitoring is set up and networks are separated using virtual networking solutions or hardware solutions such as firewalls and unidirectional gateways.

In a zero-trust architecture, a defensible network serves dual purposes. These checkpoints can serve as booby traps and alert your team to adversaries in your environment. Network segmentation in addition to monitoring also gives you the option to defend yourself against an attack. For example, if you experience a ransomware attack, a segmented network can help prevent the spread of malware from one security zone or group of assets to another.

Your Partner in Cybersecurity

A zero-trust architecture establishes network security from the inside out, starting with the asset(s) or security zone. Sometimes, with a little bit of help, you can implement zero-trust architecture with little to no cost. There are many security-enabled features inside the networking, OS-based HMIs, and workstation systems currently used within most OT environments.

To help you transform your environment into a zero-trust security model, you need a partner that not only helps you invest, but also consults you on how to address cyber threats with existing capabilities. It is essential to have security-aware people, secure processes, and secure technologies.

RED Group is your partner in implementing zero-trust security architecture throughout your industrial environment. We can get started by evaluating your current cybersecurity program maturity and assessing how and where you can implement better cybersecurity tools and improve your cyber security posture. Contact us today to begin working on a roadmap to secure your environment.

Garrett Williams is an OT cybersecurity professional with an extensive history of building and leading high performing teams.

Cybersecurity – and Resilience – in Shipbuilding

Written by David Bacque, VP of Operations and Director of OT Security

 

“Cybersecurity” is a broad term, and the implications are more far-reaching than we typically consider – it isn’t just important for keeping our onshore systems safe. While cybersecurity and cyber resilience are certainly important to the health of all land-based IT/OT infrastructure, they are imperative for keeping ships and vessels secure, as well. Maritime cybersecurity is unique in the fact that the vessel itself is isolated from onshore systems but needs to integrate internally as well as be able to back up to prevent data loss while at sea.

The Challenge

Shipbuilders build ships – they have expertise around the process of engineering and constructing a ship – but often lack expertise in securing and integrating the modern electronic systems being delivered with various equipment packages. Vessels are comprised of many subsystems containing various degrees of complexity, automation, and integration which are required to work together for the safe and efficient operation of the vessels. While the package suppliers have expertise in building the subsystems, no one vendor, nor the shipbuilder, has the expertise to deliver a cohesive system and meet the cybersecurity expectations of modern ship owners. To equip a vessel with the tools and processes needed to secure its systems, an external cybersecurity specialist is often commissioned to evaluate and prescribe the measures necessary to meet the asset owner’s expectations.

The Solution

A clearly defined cybersecurity program needs to be created to communicate the asset owner’s security expectations while collaborating with suppliers to deliver secure systems. The cybersecurity program should align with the project phases and be tracked along with other project deliverables. Using our project security assurance process, RED Group has aligned cybersecurity into all aspects of the shipbuilding lifecycle:

  • Standards and requirements definition – align customer requirements with industry standards to create project-specific cybersecurity specifications.
  • Purchasing Specifications – build cybersecurity into the procurement process and include cybersecurity expectations into supplier contracts.
  • System Assessments – review and assess supplier and engineering documentation to validate alignment with standards and requirements.
  • Remediation Tracking – identify gaps and coordinate with vendors to remediate.
  • Acceptance Testing – witness and verify compliance with specifications during factory or site acceptance testing.

RED Group can Help

When your business is building ships, cybersecurity is not always at the forefront of considerations. Floating, propulsion, steering and navigation – these are the things that make a ship a ship. Not always considered, but no less important, is securing the systems onboard. RED Group has the expertise needed to ensure your vessel meets your client’s needs and expectations regarding the protection and recovery of the systems onboard. Contact us to find out how partnering with RED Group can help you deliver a ship that exceeds your clients’ expectations.

David Bacque, an experienced cybersecurity and operational technology (OT) professional, has led, advised on and delivered OT projects and ICS security initiatives with industrial clients around the world.

RNG: A Clear Path Forward


The Renewable Natural Gas (RNG) space is one that is growing at a rapid, steady pace – and not surprisingly! If sustainability and innovation aren’t enough to draw you in, the RIN credit pricing trajectory and other incentives will. Many legacy landfill/plant owners have started purchasing new assets with the intent of converting them into RNG processing facilities to either upgrade and sell or continue producing RNG. The idea of “plant-flipping” is not new; after all, if you’ve already got experience with operating and owning a plant, this should be no different, right?

The Challenge

While it is certainly true that RNG is a lucrative renewables subindustry, it’s also true that there are some potential complications to getting started and operating an RNG facility efficiently, even for the most experienced plant owners. Some issues include complications with integrating process equipment and their accompanying technology, trouble operating at the efficiency required to get the desired ROI, and difficulty standardizing approaches/technology throughout an entire organization, to name a few. Proper landfill operations strategies, solid gas processing ideals, as well as top tier controls and automation are some of the components required for an efficient operation.

The challenges faced by many plant owners are where RED Group excels. Our team is comprised of consultants with engineering, automation, cybersecurity and field service expertise, and our UL listed panel fabrication shop, where we build and test our control systems, sets us apart from any other automation firm. Our experienced team of engineers has the skills and solutions necessary to increase uptime and efficiency. This allows us to fine-tune your operations to greater profitability.

The Solution

Where many firms are just getting started with Renewable Natural Gas, RED Group has 8 years of experience as the Go-To Integrators in this space. Our team is experienced in designing, integrating, and optimizing your systems. Looking for centralized SCADA tying all your assets together to provide remote monitoring? We can help. Looking for advanced analytics capabilities to better predict equipment failure, plant upsets, etc.? We have you covered there as well. Our field service technicians are ready to support you remotely or onsite to address challenges in the field if you do experience problems. For owners of multiple assets, we provide a simple way to monitor all your assets from your phone, tablet, or computer anywhere in the world. We can partner with you to incorporate the right amount of automation, saving your organization significant dollars and freeing up your team to focus on higher value tasks. RED Group is a one-stop-shop for all design, integration, panel construction and cybersecurity needs.

The value RED Group brings is increasing uptime and efficiency, maximizing your return on investment. If you have recently acquired a new asset, RED Group can execute an assessment, providing you with an asset inventory, standardization opportunities, optimization consulting, and beyond. If you have multiple assets, we can partner with you to integrate your new asset into your portfolio with standardization in mind. We standardize your systems/processes operation-wide, which will minimize time spent learning new systems and transferring between systems, and will keep training consistent amongst sites. Standardized systems and processes mean that every operator will recognize and be able to operate the system for each piece of equipment, regardless of the location, function, or even manufacturer; all process equipment will have a similar look and feel, creating ease-of-use for your operators.

Take Away

At RED Group, we’ve seen the obstacles plant owners face. We understand the frustrations start-ups (and even well-established operations) face when it comes to operations and integration. It isn’t only important for your equipment to work together – and work together well – it’s essential for everything to work efficiently, safely, and securely. That’s where we come in. RNG is a space that is growing steadily with no signs of slowing, and the value RED Group has to offer speaks for itself. Whether you have no experience or are an expert in this space, we can make the transition simple. With RED Group, you’ve got a partner you can trust. Contact us today to find out how we can increase the efficiency, profitability, and ROI of your operations.

Creating and Maintaining a Cyber Resilient Organization

Written by David Bacque, VP of Operations and Director of OT Security

 

When major cyber events hit the news, we are reminded again of the best practices and continuous improvement opportunities we may, or may not, be employing to lead a cyber resilient organization. Teams responsible for operational technology and industrial control systems should be keenly aware of the risks associated with cyber events and the potential for costly production downtime, not to mention damage to people, property, or the environment.

While it is important to have procedures in place to respond to cyber incidents, preventative measures should be your first line of defense. For OT systems, there are several critical security controls that are often overlooked or not fully implemented which can go a long way towards mitigating risk and improving an organization’s ability to respond to a cyber event. This article briefly outlines a few foundational elements which should be utilized in addition to proper incident response planning.

Asset Management

Often, organizations have an incomplete or outdated asset inventory stored in a file which is hard to find and even harder to manage or derive value from. Modern OT Asset Discovery and Monitoring solutions, such as Forescout, can proactively and safely monitor OT systems to maintain an asset inventory as well as monitor for unplanned system changes, current patch levels, and unauthorized devices.

Portable Media and Device Management

Because OT systems are typically segmented from other enterprise systems as well as the internet, well-intentioned administrators, consultants and technicians often must get creative on how to connect, update and configure devices. This typically involves connecting a portable computer to the system or bringing data in on a portable media device, such as an external hard drive. In order to maintain the integrity of an OT system, it is critical that a process exists to limit the use of unknown portable media and computers as well as a process to scan and quarantine any device which needs to connect into the OT environment.

System Patching and Hardening

Modern operating systems are insecure by design: they require a plan for patching, and unnecessary features must be disabled to minimize the possibility of malicious code execution. OT system administrators often skip patching and hardening OT systems because of the false sense of security provided by network boundaries, firewalls or even “air-gaps”. The fact is that malware or other exploits can still find their way into OT systems through portable media and computers or even through poorly configured firewalls or inadvertently connected systems. Once inside a network of unpatched computers, exploits are far more likely to wreak havoc through well-known vulnerabilities. Typically, these vulnerabilities have long been addressed by system vendors.

Disaster Recovery Planning

Most people know that it is important to routinely back up mission-critical data and systems to avoid data loss in the event of a system failure. What is often overlooked, however, is having a process for, and practicing, an actual system restore from that backup to verify that systems can be recovered in an amount of time consistent with a risk-based plan. In the same way disaster preparedness is important to ensure your team is familiar with the safety protocols put into place for emergency situations, disaster recovery planning prepares your team in the event of a cyber-attack. Backup integrity needs to be regularly verified and systems should be restored onto test hardware to verify that recovery processes are accurate and reduce the impact of a cyber event or system failure.

Preventative Measures

In summary, there are a number of risks associated with industrial cybersecurity of OT systems. While it is certainly important for organizations to have procedures in place to respond to cyber events, it is also crucial to be proactive about protecting your assets. A few preventative measures that should be implemented within organizations include:

  • Asset management
  • Portable media and device management
  • System patching and hardening
  • Disaster recovery planning

Ensure your systems are protected and your assets are defensible – contact RED Group today to get a better idea of where you currently stand on your cybersecurity journey and to lay out a roadmap to better cyber resilience.

David Bacque, an experienced cybersecurity and operational technology (OT) professional, has led, advised on and delivered OT projects and ICS security initiatives with industrial clients around the world.

Introducing RED Rover, an On-site Technician Solution for COVID-19 and Beyond

The RED Rover

Are you in need of on-site support but want to reduce travel costs or mitigate risk by restricting personnel access? We are excited to now offer RED Rover, our new compact mobile technician station that contains all the tools necessary to help you troubleshoot, and resolve, any issues you may be experiencing. 

RED Rover is equipped with a secure industrial computer, loaded with applicable software, a high definition 360-degree camera and all the essential measurement tools and equipment an automation professional utilizes. Once RED Rover is enabled, our engineers can connect directly to the interface via a secured private network and can work with your qualified on-site personnel to see what they see via cameras, and direct them to plug in cables or connect measuring devices, all while accessing the systems via the computer. It’s just as if we were on site! 

Added benefits to RED Rover are that you can rent it by the day when troubleshooting or addressing operational issues, or rent it by the month and keep it on hand for regular maintenance. Once the work is complete, you can unplug, power down, or even pack up the system so there is no concern about unauthorized access.

Does conventional secure remote access better suit your needs? We can help you in that case as well; we are able to follow your remote access processes and/or apply RED Group’s.

If you’re interested in adding RED Rover to your industrial controls package, we invite you to reach out to us to learn more.

RED Group Announces New Name and Rebrand With Launch of New Website

RED Group is excited to announce the completion of the company’s rename and rebrand project with the launch of a new website. In late 2019, Remont Engineering & Design Group, LLC embarked on a project to rename and rebrand the company to better position itself with its customers and key industries. The leadership team partnered with Brew Agency, a full-service branding and advertising agency based in Baton Rouge, LA dedicated to providing service to its customers with a collaborative, personalized approach. Together they explored the company’s overall business strategy, customer segments and brand strategy to develop the name and new identity for the organization.

RED Group and its new brand image reflect the company’s passion for delivering value and peace of mind to its clients. Our hope is that we have shown our unwavering commitment to quality control, fit for purpose design and impeccable support that we can deliver to all of our clients.

The company’s new website is more user-friendly and offers an updated design and modern layout for an intuitive flow of information for the visitor. Focusing on the company’s areas of expertise and key industries were essential to ensure we provide the right information to our target customers.

RED Group’s flagship product, RED Alert, is showcased and given high priority within the website. RED Alert, an industrial controls and SCADA platform, provides best-in-class control systems technology, coupled with the flexibility of enabling RED Group to customize the solution. With RED Alert, we’ve designed a platform that doesn’t require the wheel to be reinvented. As a hybrid solution, about 70% of the SCADA system/interface is pre-created and ready to go. The rest of the product is ready to be customized so it is tailored to fit any organization’s unique needs.

Everyone at RED Group is excited to launch our new brand and website and take another step forward for our organization. Take a look and let us know what you think.

Take Control and Go Remote With RED Alert

Operating critical infrastructure in today’s world can be a daunting task for some, but it doesn’t have to be. RED Group can offer a variety of services to help you optimize your team’s interactions with the critical systems while also providing a customized remote monitoring program to provide peace of mind.

RED Alert is our premier industrial controls and hosted SCADA technology platform offering a unique hybrid solution which allows us to use a pre-created interface, but then customize it to fit your organization. By hosting the software, we can help store, collect and process data real-time, and our team of professionals can interpret the data to help you make better operational decisions.

Go remote with three months of free hosted SCADA with RED Alert

Utilize our RED Alert controller combined with RED Alert hosted SCADA for three months without the monthly subscription service charge. Only pay for customization and installation services, and at the end of the three month period, simply return the hardware. Our hope is for you to see a significant value by using our RED Alert system. And if you do, elect to keep the hardware, and we’ll invoice you for it. Continue using the RED Alert SCADA system through our monthly subscription service. Contact us today to learn more about this special offer!

RED Group Named to Inc. 5000 List

RED Group is pleased to announce our rank as No. 3998 on the 2019 Inc. 5000 list, the most prestigious ranking of the nation’s fastest-growing private companies. Started in 1982, this prestigious list has become the hallmark of entrepreneurial success.

We are honored to be listed among so many other innovative and successful organizations. As the industrial control systems industry continues to evolve, we are driving change in our own operational processes across the services we provide. 

Our team’s hard work and dedication is the main reason we’ve been able to grow RED Group and reach this milestone of making the Inc. 5000 list. We have always had a focus on building a strong, positive culture that encourages teamwork and provides team members with the tools and authority to succeed.

We could not be where we are today without the support of our clients, many of whom have been with us since the beginning. It’s been a great journey and we’re even more excited about the innovations we have planned in the coming years that will bring even more value to our clients. 

We invite you to learn more about the Inc. 5000 list and how it is compiled.