Cybersecurity risk management application for industrial control systems
Citicus has launched Citicus ICS, a new application to manage industrial process control risk. This enables organizations to identify and manage risks to SCADA and other process control systems, such as those supporting electricity generation, oil and gas production, water distribution and factory automation.
These processes are the keystones of the critical national infrastructure – which is now facing an increasing number of threats.
Citicus’ model for measuring risk has been uniquely developed from the world’s largest set of data on what causes IT systems to suffer incidents. Citicus ICS extends this to optimize the specific ways in which risk factors should be evaluated for industrial control systems – using criticality assessments, balanced risk scorecards and supporting control and threat checklists.
The use of ‘risk dependency mapping’ helps to identify and track inter-dependencies between control systems, other IT systems and key parts of the risk chain, including external suppliers and the services they provide.
Citicus ICS incorporates a knowledge base of key controls drawn from recognized specialist standards from the US NIST, the UK Centre for the Protection of National Infrastructure (CPNI) and other bodies. Citicus’ research and development of the new application was completed in partnership with organizations in the electricity, water and food production industries, and was part-funded by the UK Government’s Technology Strategy Board.
Citicus ICS is available from Citicus as an installable software application or as software-as-a-service.