Critical Infrastructure systems are essential for the function of nations and hold global economic significance. An increasing number of security and operational incidents arising from human error/hostility, natural disasters and cyber-attacks have emphasized the need to ensure and maintain stable, resilient, protected and safe operations, as impaired function or performance could develop into a national concern.

Soteria provides progressive methods, training and technology tools; the fruit of a productive collaboration between leading industry engineers and cyber experts to prevent, monitor, detect and remediate the full range of physical and cyber threats to OT and IT systems. The solutions are tailored to specific industries and applications to enable adequate monitoring of the industrial environment in order to detect anomalies and respond to security and safety incidents.

Monitoring and Detection Platforms for Critical Infrastructure

Our ICS/SCADA monitoring and detection technology platforms provide clear visibility into critical infrastructure network functionalities, monitoring all communication and physical interfaces and detecting anomalies in terms of proper operation, security and safety risks. We provide unique platforms tailored to the specific industry and customer environment, specifying the essence of all subsystem functionalities and the requested levels of service, security and safety, developing compatible solution architecture and configuring technological and cyber sensors accordingly.

  • Maximize uptime.
  • Investigate suspicious behavior and policy violations.
  • Alert on attack attempts based on both signal and anomaly-based detection.
  • Asset discovery (the system passively maps the network) and vulnerability assessments which identify vulnerabilities and criticality important assets within the AWS environment.
SOC/NOC Establishment for Critical Infrastructure

Soteria establishes solutions for centralized network operations integrated within the framework of security and safety control centers serving the physical, IT and SCADA environments. We allocate designated teams comprised of cyber and industry experts according to the clients’ industry sector, providing a wide umbrella of knowledge, solutions and services to cover the entire range of security and safety considerations required to operate essential services and critical infrastructures.

SOC/NOC establishment methodology:

  1. Identification and adequate specification of the relevant industrial systems and their operation.
  2. Identification and adequate specification of interfaces with external systems.
  3. Logical and physical separation of the industrial network from the IT computer network.
  4. Identification of probable cyber and physical risks to the industrial and IT networks.
  5. Implementing cyber and physical protection controls (procedures and tools) accordingly.
  6. Implementing cyber and physical detection controls (procedures and tools) accordingly.
  7. Implementing general and cyber security response controls with minimum disruption to the contingency of the critical infrastructure operation.
  8. Issuing an adequate contingency plan, ensuring systems redundancy that allows for remediation with minimal stoppage time and collateral damage.
  9. Detailed design of SOC procedures and technology, installation and implementation, providing on-the-job training until complete independence of the client is achieved.
SoteriaSIMS Solutions for Critical Infrastructure

Soteria’s cyber training simulation platforms provide a competitive, real-world environment to train cyber analysts and ethical hackers against advanced attack-defense scenarios developed by field experts. The platform allows constant training against relevant attack scenarios and prepares personnel for the day after graduation. Student activity and performance are tracked and analyzed, allowing instructors to assess student capabilities and progress. Scenarios are constantly updated according to client needs and industry trends.

Training scenarios examples:

  • Airplanes: Hackers taking control of airplane flight systems;
  • Railways: Penetrating the railway’s main signalling and control systems altering and affecting vital operational elements: train location indicators, speed, rail switches control and monitoring, and signalling systems tampering.
  • Oil & Gas – Information theft and damage to Oil & Gas Corporation.
  • Physical penetration simulation and protection of secured critical asset.
Critical Infrastructure Physical Safety & Security Controls

Critical Infrastructure facilities are essential for the function of nations and hold global economic significance. An increasing number of security and operational incidents arising from human error/hostility, natural disasters and cyber-attacks emphasize the need to ensure and maintain stable, resilient, protected and safe facilities, as impaired function and performance could result in a physical and financial threat to commercial and state interests.

Soteria’s solutions for critical infrastructure safety and security address onshore, offshore and coastal asset threats, and are designed to meet any unique set of risks. We provide flexible, scalable solutions that ensure the maximum level of security and safety by merging multi-layered platforms such as: surveillance systems, smart perimeter, intelligence platforms, control systems, access management, and more, in order to perpetually foresee and prevent threats, ensure uninterrupted and ongoing operations and create a safer and more secure internal and external environment.

This new generation of terror activities fueled by extremist ideologies employ new types of methods and require a different security approach, based on the following principles:

  • Intimidation – causing the terrorist to give up the target (the facility)
  • Prevention – making it difficult to penetrate the inner circle (of the facility)
  • Reaction – immediate response by local highly-trained guards until the arrival of external forces, to mitigate damage.

Soteria provides the following critical asset security services:

  • Preliminary survey mapping the threats, needs and security structure in order to plan, design and advise the best solution for the client organization
  • Planning, designing and customizing the ideal solutions in accordance with client requirements.
  • Upgrades of exciting systems and infrastructure.
  • Turnkey projects, tailor-made based on need and client budget.
  • Project supervision and hand-in-hand advisory services.
  • Security forces training, knowledge transfer and OJT.
  • Providing in-depth documentation and technical information upon customer need and requests.