Choosing the Right Secure Remote Access Solution for OT: What to Consider in Today’s Digital Age
In today’s dynamic digital realm, businesses are tasked not just with keeping stride, but with charting their unique path
ICS/OT Cybersecurity: 2023’s Challenges and Tomorrow’s Defenses
As the threats to industrial control systems evolve, our strategies and tactics as network defenders must keep apace. To aid in this effort, SANS has recently released the results of an ICS/OT cybersecurity survey, which polls security practitioners and decision makers from a wide range of industrial verticals, including energy, chemical, critical manufacturing, nuclear, water management and others. This survey provides us with valuable insights into the nature of the real-world threats that control systems operators face every day. It also yields a wealth of information about industry trends and ICS/OT security priorities, from the field. Read RMC’s main takeaways below.
Most organizations still have immature ICS/OT security programs
When asked about planned future initiatives to improve ICS security, survey participants’ top responses indicated a focus on foundational components of any OT security program, such as increased asset visibility, intrusion detection systems, better physical security, and cybersecurity education and training.
There is increased interest in conducting risk assessments and penetration tests in ICS/OT environments
Survey participants are more commonly performing risk-based assessments, including penetration tests, to identify gaps in security controls within their ICS/OT environments.
The penetration tests tend to be conducted at the higher levels of the Purdue Model (3-5). The objective is to identify attack paths from the enterprise network to the ICS network, or vice versa. Penetration tests can provide important insights, but are most effective for more mature OT environments where previously identified vulnerabilities have already been addressed.
RMC is here to help
Although foundational investments are a necessary component of any ICS/OT security program, program design, sequencing, prioritization of investments, and proper coordination must be considered from the start to maximize risk reduction. We support you to:
- Help you understand your program’s maturity and adherence to OT security best practices
- Help you set realistic goals for your ICS/OT environments, and help you achieve them
- Suggest and implement security solutions tailored to your business goals and regulatory requirements
- Implement safe, complete, and effective security controls
- Identify vulnerabilities actively placing your operations and infrastructure at risk
For large organizations, building a strong relationship between security leadership and sites is key to efficient project execution. Improving cybersecurity in ICS/OT environments requires a coordinated effort between enterprise IT (security) teams, site leadership, plant engineers, vendors, integrators, and more. RMC can help foster these relationships, aligning your program’s cybersecurity goals with your sites, achieving buy-in, and building a positive and proactive security culture. During our engagements, we follow these guiding principles:
- Speak the sites’ language and build trust between the program and the sites
- Foster increased cybersecurity awareness with site personnel and leadership
- Communicate the goals of our proven assessment methodology – we are there to help, not audit
- Share insights to inform funding decisions for system upgrades and process redesigns
How can RMC help your organization?
Contact us today: [email protected]
Be sure to follow RMC Global on LinkedIn, and bookmark our News & Perspectives website to stay apprised of industry insights and topical advice on establishing cyber resiliency in OT environments.
RMC Approved as DoD SkillBridge Provider
ARLINGTON, Va., September 11, 2023 — RMC Global, the leader in Mission Assurance, Risk Management, and Industrial Cybersecurity solutions, is pleased to announce that it is now an authorized provider of the Department of Defense (DoD) SkillBridge program, which allows employers to provide internships and pre-apprenticeship opportunities to over 200,000 service members annually who transition from active duty into the civilian world.
As an authorized SkillBridge provider, RMC is excited to develop opportunities for SkillBridge participants in high-growth functional areas such as risk management, cybersecurity, intelligence, and critical infrastructure protection. The program is available to service members who are approaching the 6-month mark before their end of active service, providing transitioning service members with the opportunity to experience the civilian professional world, all while still receiving military pay and its associated benefits. During the program, participants can explore possible career paths, gain valuable industry knowledge, and further develop their skills to prepare for success in today’s job market.
“As a DOD SkillBridge authorized partner, RMC will benefit tremendously from the myriad skills of transitioning service members. As an Army Veteran and current member of the Washington State National Guard, I also recognize how important this program can be for those leaving a life of service and stepping into the civilian professional world for the first time,” said Vince Kuchar, CEO of RMC. “At RMC, we are proud of our military veterans, who make up more than half of our workforce and we look forward to hiring many more as we continue to grow to serve both federal and commercial clients.”
RMC has supported transitioning service members since its inception, and nearly 60% of RMC’s workforce has served in the armed forces. RMC is proud to have supervisors who have been awarded the “Patriotic Employer” designation by the Office of the Secretary of Defense, Employer Support of the Guard and Reserve (OSD, ESGR), which reflects RMC’s wide-ranging support to citizen warriors, including flexible schedules, time off prior to and after deployment, caring for families, and granting leaves of absence if needed.
“At RMC, our mission-oriented culture in many ways reflects some aspects of military service. As a Marine Corps Veteran, I am proud that one of our core company values is to relentlessly pursue impact and service, and to me, becoming part of the DoD SkillBridge program feels like a natural fit for us,” said Brent Hyland, COO of RMC. “It allows us to both create impact by channeling the amazing skillsets of transitioning service members while simultaneously serving the community by providing a structured process to help ease the difficulties associated with transitioning into civilian life.”
About RMC
RMC provides a full lifecycle of Mission Assurance and risk management solutions, with deep expertise in critical infrastructure protection and industrial cybersecurity, to protect our country’s most important and vital assets. Operating worldwide, RMC provides federal government and commercial organizations the analysis, assessments, strategy and remediation required to protect personnel, facilities, networks, and critical infrastructure. Founded in 2011, RMC is headquartered in Arlington, Virginia. www.RMCGlobal.com
AI’s Impact on OT Cybersecurity: The Double-Edged Sword of Innovation
The advent of generative AI technologies, most notably ChatGPT, has brought about both excitement and apprehension within the Operational Technology (OT) cybersecurity community. Among the latest advancements in this domain is PentestGPT, a specialized tool adept at conducting automated penetration tests, a cornerstone in pinpointing security vulnerabilities.
The Role of Cybersecurity Assessments in Building a Resilient OT Environment
As the demand for operational technology (OT) security services rises, cybersecurity managers and executive-level CISOs are facing the challenge of securing their organization’s OT assets and industrial environments. While their expertise may primarily and traditionally lie in overseeing IT security, the complexities of the OT landscape present new and quickly evolving operational risks and vulnerabilities.
RMC Global Awarded $35M U.S. Navy Mission Assurance Program Contract
ARLINGTON, Va., June 20, 2023 – RMC Global, the leader in Risk Management, Industrial Cybersecurity, and Mission Assurance services, is pleased to announce the award of a 5-year, $35M U.S. Navy contract supporting the Mission Assurance Program at Naval Surface Warfare Center Dahlgren Division (NSWCDD), Cyber Analysis and Mission Assurance Branch (A42). RMC, along with the global consulting and technology services provider ICF, will continue to provide technical analysis and engineering support for mission assurance, defense and commercial critical infrastructure, and their cyber and physical dependencies, at CONUS and OCONUS locations. This support includes telecommunications, energy security, and control systems analysis, as well as systems engineering and program analysis.
“RMC Global is excited to continue its support to the Defense Critical Infrastructure Program, which plays an instrumental role in preventing, remediating, and mitigating risks to our nation’s critical infrastructure assets,” said Vince Kuchar, CEO of RMC Global. “This important work furthers RMC’s vision of assuring tomorrow for critical infrastructure, our military missions, and the communities they serve.”
Through this award, the government has once again recognized RMC as the company of choice for Mission Assurance and Critical Infrastructure Protection (CIP) services across the Department of Defense. Since 2016, RMC has been providing vital CIP services for NSWCDD and through this contract win, the expanded scope will include anti-terrorism force-protection, homeland defense, emergency management, chemical and biological defense, threat intelligence, CIP, and cyber warfare.
About RMC Global
RMC provides a full lifecycle of Mission Assurance and risk management solutions, with deep expertise in critical infrastructure protection and industrial cybersecurity, to protect our country’s most important and vital assets. Operating worldwide, RMC provides federal government and commercial organizations the analysis, assessments, strategy and remediation required to protect personnel, facilities, networks, and critical infrastructure. Founded in 2011, RMC is headquartered in Arlington, Virginia. www.RMCGlobal.com
OT Cyber Coalition Welcomes RMC Global as Newest Member
Washington, DC, June 8, 2023 – Today, the Operational Technology Cybersecurity Coalition (OT Cyber Coalition) announced that RMC Global will join the diverse group of leading cybersecurity vendors in support of the organization’s effort to enhance the resiliency of the nation’s critical infrastructure. RMC is the 16th company to join the OT Cyber Coalition since its launch in April 2022.
“The addition of RMC further bolsters our coalition’s ability to inform federal policies in the most comprehensive way possible to enhance our collective cyber posture for operational technology,” said Andrew Howell, Executive Director, OT Cyber Coalition. “We look forward to bringing their expertise to bear in our efforts to move the needle on solutions needed to make the United States the leader in hardening our critical infrastructure for current as well as future threats.”
RMC protects and prepares government and commercial partners with risk management, mission assurance, and industrial cybersecurity solutions which allow their customers to prevail in an evolving threat environment.
“RMC is proud to be a member of the OT Cyber Coalition and play a part in illuminating OT cyber risks and advocating for meaningful OT cybersecurity policies,” said Vince Kuchar, CEO of RMC Global. “As a leading provider of ICS/OT cybersecurity services to federal and commercial customers, we believe that constructive dialog between industry and government will help produce meaningful change toward our vision of assuring tomorrow for critical infrastructure, our military missions, and the communities they serve. We look forward to collaborating with industry and government partners to advance this important domain of cybersecurity.”
More information about the OT Cyber Coalition is available on the coalition’s website, otcybercoalition.org.
About RMC Global
RMC provides a full lifecycle of Mission Assurance and risk management solutions, with deep expertise in critical infrastructure protection and industrial cybersecurity, to protect our country’s most important and vital assets. Operating worldwide, RMC provides federal government and commercial organizations the analysis, assessments, strategy and remediation required to protect personnel, facilities, networks, and critical infrastructure. Founded in 2011, RMC has offices in Destin, Florida, and Arlington, Virginia. www.RMCGlobal.com
About the OT Cyber Coalition
The Operational Technology Cybersecurity Coalition is a diverse group of leading cybersecurity vendors dedicated to improving the cybersecurity of OT environments. Representing the entire OT lifecycle, the OT Cyber Coalition believes that the strongest, most effective approach to securing our nation’s critical infrastructure is one that is open, vendor-neutral, and allows for diverse solutions and information sharing without compromising cybersecurity defenses. The OT Cyber Coalition was founded by Claroty, Forescout, Honeywell, Nozomi Networks, and Tenable in 2022. For more information, visit https://www.otcybercoalition.org/.
RMC Announces Sponsorship of the SANS Institute’s 2023 ICS/OT Cybersecurity Survey
ARLINGTON, Va., April 24, 2023 – RMC, the leader in Risk Management, Industrial Cybersecurity, and Mission Assurance services is a proud sponsor of the SANS Institute’s 2023 ICS/OT Cybersecurity Survey. As a leading provider of ICS/OT cybersecurity services, we recognize the importance of understanding the evolving threat landscape to provide the best possible services to our commercial and federal clients.
The survey is now open for responses and we encourage all ICS/OT security practitioners to provide your valuable input. Your participation is critical to help the community better understand the ever-changing ICS threat landscape and explore how critical infrastructure defenders across all sectors are constantly adapting to address new challenges and threats.
The SANS Institute has a long-standing reputation for excellence in cybersecurity research and education, and their annual survey provides valuable insights into the state of ICS/OT cybersecurity. The results of the survey will help organizations, governments, and security providers understand the current risks facing critical infrastructure and make informed decisions about how to mitigate them.
As a sponsor of this important initiative, RMC is committed to promoting awareness of the survey and encouraging participation from all corners of the industry. By working together, we can help to Assure Tomorrow for critical infrastructure and the communities it serves.
Best regards,
Vince Kuchar
CEO, RMC Global