English
  • Russian
  • Korean
  • Support
Positive Technologies
English
  • Russian
  • Korean
  • Solutions
    ICS/SCADA

    Critical infrastructure on the frontline

    Vulnerability Management

    Stop being an easy target

    Financial Services

    Can your security keep up with you?

    Protection from targeted attacks (anti-apt)

    Early detection, rapid investigation

    PT Industrial Cybersecurity Suite

    PT ICS is an integrated platform for cyberthreat detection and response in industrial systems

    Utilities

    Industrial-grade cybersecurity

    ERP Security

    Take control of your ERP security

    Security Compliance

    Turn policies into protection

    View all →
  • Products
    MaxPatrol 8

    Vulnerability and compliance management system.

    MaxPatrol SIEM

    Knows your infrastructure, delivers pinpoint detection.

    PT Application Firewall

    Intelligent protection of business applications.

    PT Application Inspector

    Source code analysis tool.

    PT ISIM

    Cyberthreat detection and incident response in ICS.

    PT Network Attack Discovery

    NDR system to detect attacks on the perimeter and inside the network.

    PT Sandbox

    Advanced sandbox with customizable virtual environments

    XSpider

    Vulnerability scanner.

    MaxPatrol VM

    Next-generation vulnerability management system.

    MaxPatrol SIEM All-in-One

    Full-featured SIEM for mid-sized IT infrastructures.

    PT MultiScanner

    Multilayered protection against malware attacks.

    PT BlackBox

    Dynamic application security testing tool

    View all →
  • Services
    ICS/SCADA Security Assessment

    Full Range of ICS-specific Security Services

    ATM Security Assessments

    Uncover Your Weaknesses

    Web Application Security Services

    Black Box and White Box Analysis

    Mobile Application Security Services

    Security Analysis and Compliance Audit

    Custom Application Security Services

    Independent Expert Analysis of Your Source Code

    Penetration Testing

    A Comprehensive Approach

    Forensic Investigation Services

    Prevent Future Incidents

    Advanced Border Control

    Upgrade Your View of Perimeter Security

    View all →
  • Analytics
    Threatscape
    PT ESC Threat Intelligence
    Cybersecurity glossary
    Knowledge base
    View all →
  • Partners
    Authorized Partners
    Distributors
    Technology Partners
    View all →
  • About
    Clients
    Press
    News
    Events
    Contacts
    Documents and Materials
    View all →
Menu
  • Home
  • Solutions
  • Utilities

Utilities

To keep your utility safe and online, Positive Technologies can help to proactively identify ICS-specific vulnerabilities and potential attack vectors, assess and prioritize threats, and remediate weaknesses.

Critical Services at High Risk for Attack
Resources
Video
News
Contact us

Industrial-Grade Cybersecurity

For decades now, industrial control systems (ICS), including supervisory control and data acquisition (SCADA) systems, have helped utilities to automate critical infrastructure. In the past, utilities often relied on "security through obscurity." Since these systems were highly customized, proprietary, and isolated, utilities assumed that only someone with specialized inside knowledge could gain access. That comforting assumption is no longer the case.

Utilities are increasingly using standard technologies, including hardware, operating systems, and databases, as well as open industrial protocols such as IEC 60870-5-104, distributed network protocol 3 (DNP3), and MMS/GOOSE (IEC 61850). Global initiatives—for example, operational technology (OT) platform convergence—are fueling this trend and will result in more ICS and SCADA equipment becoming connected to corporate networks.

Critical Services at High Risk for Attack

While technology convergence can improve efficiencies, enrich customer service, and reduce operating costs, it also dramatically increases the risk of critical services falling victim to a cyberattack.

Consider this: while conducting an ICS research study, the experts at Positive Technologies were able to remotely access more than 200,000 solar power stations because of a weak password encryption algorithm in the web server of one smart-grid manufacturer.

Security shortcomings like these are all too common. They leave your utility vulnerable to the full range of IT security risks, including cyberwarfare, and put entire populations at risk of losing basic services.

Common security problems that Positive Technologies has identified based on its experience performing ICS security assessments include:

  • Uncontrolled connections—ICS components that should have strictly limited access are made vulnerable by unauthorized or unreported links to corporate networks or portable devices, often resulting from operators bypassing security settings on human machine interface (HMI) stations.
  • Threats to system availability—non-ICS-specific malware or viruses are introduced to ICS components, causing system damage or downtime by triggering machine reboots or changing basic configurations.
  • Password policy violations—when ICS systems become accessible via the Internet, default or weak passwords leave them exposed to cyberattacks.

Find Your Weaknesses

To keep your control systems both secure and operational, Positive Technologies can help you to proactively identify vulnerabilities and potential attack vectors, assess and prioritize threats, and remediate weaknesses, with a top-to-bottom approach that includes:

  • ICS-specific security assessments from researching user activity to penetration testing, audits, and compliance checks; we take into account the very different security assessment goals, threat models, operational procedures, and organizational complexity that set utilities apart from other enterprises.
  • Close cooperation with such leading ICS vendors as Honeywell, Schneider Electric, and Siemens. The regular security audits we conduct on these large-scale systems give us a full understanding of how to detect vulnerabilities and how to work with the vendor community to permanently eliminate them.

Get Smarter About Protecting Your ICS Investments

Smart grids and smart homes may be the future, but "smart" means that your services are always available, and therefore outages and interruptions from cyberattacks are unacceptable. When your ICS is exposed to a network, it is open to all of the network’s risks. ICS security cannot be effectively managed in isolation as separate segments or technologies, so you must consider a unified approach across all systems.

Positive Technologies helps many large manufacturing, petrochemical, utility, and transportation companies meet their ICS security challenges head-on. With unrivalled expertise in critical infrastructure protection backed by one of the world’s top research teams, Positive Technologies is the ideal partner to help you secure your ICS networks from bad actors so you can "keep the lights on".

Resources

Case Study—Hanwha
ICS/SCADA Solution Brief

Video

January 5, 2015
Hanwha

News

December 12, 2019 Positive Technologies assists Siemens with eliminating dangerous vulnerabilities in utility control system
November 8, 2018 Positive Technologies releases world's first free ICS security monitoring solution
June 27, 2018 PT ISIM confirmed by testing as fully compatible with Siemens industrial network components
All news →

Contact us

By clicking Send you give your free and explicit consent to process your personal data and agree to our Privacy Policy

Company Services

  • ICS/SCADA Security Assessment
  • ATM Security Assessments
  • Web Application Security Services
  • Mobile Application Security Services
  • Custom Application Security Services
  • Penetration Testing
  • Forensic Investigation Services
  • Advanced Border Control

Company Products

  • MaxPatrol VM
  • PT Sandbox
  • MaxPatrol SIEM All-in-One
  • XSpider
  • PT Network Attack Discovery
  • MaxPatrol SIEM
  • PT BlackBox
  • MaxPatrol 8
  • PT Application Firewall
  • PT Application Inspector
  • PT ISIM
  • PT MultiScanner
Solutions
  • ICS/SCADA
  • Vulnerability Management
  • Financial Services
  • Protection from targeted attacks (anti-apt)
  • PT Industrial Cybersecurity Suite
  • Utilities
  • ERP Security
  • Security Compliance
Products
  • MaxPatrol 8
  • MaxPatrol SIEM
  • PT Application Firewall
  • PT Application Inspector
  • PT ISIM
  • PT Network Attack Discovery
  • PT Sandbox
  • XSpider
  • MaxPatrol VM
  • MaxPatrol SIEM All-in-One
  • PT MultiScanner
  • PT BlackBox
Services
  • ICS/SCADA Security Assessment
  • ATM Security Assessments
  • Web Application Security Services
  • Mobile Application Security Services
  • Custom Application Security Services
  • Penetration Testing
  • Forensic Investigation Services
  • Advanced Border Control
Analytics
  • Threatscape
  • PT ESC Threat Intelligence
  • Cybersecurity glossary
  • Knowledge base
Partners
  • Authorized Partners
  • Distributors
  • Technology Partners
About
  • Clients
  • Press
  • News
  • Events
  • Contacts
  • Documents and Materials
Positive Technologies
Copyright © 2002—2023 Positive Technologies. All Rights Reserved.
Find us:
  • Report a vulnerability
  • Help Portal
  • Terms of Use
  • Privacy Notice
  • Cookie Notice
  • Positive Coordinated Vulnerability Disclosure Policy
  • Sitemap
Copyright © 2002—2023 Positive Technologies. All Rights Reserved.
  • Report a vulnerability
  • Help Portal
  • Terms of Use
  • Privacy Notice
  • Cookie Notice
  • Positive Coordinated Vulnerability Disclosure Policy
  • Sitemap