How to Select Secure OT Vendors for Your Infrastructure Needs
At the heart of smart city innovation lies Advanced Metering Infrastructure (AMI), a pivotal technology reshaping energy management and consumption.
From Trust to Threat: The XZ Utils Backdoor and Its Impact on OT Security
As the landscape of cybersecurity continues to change, it’s not uncommon to encounter threats that redefine our understanding of vulnerability and resilience.
Risk Mitigation Consulting Acquires Securicon, Advancing Cybersecurity and Mission Assurance Offerings
ARLINGTON, Va., April 22, 2024 – Risk Mitigation Consulting (RMC), a premier provider of risk management and industrial cybersecurity solutions for critical infrastructure and critical missions, today announced its acquisition of Securicon, a cybersecurity services provider based in Alexandria, Virginia.
“This acquisition marks a significant milestone for RMC, enhancing our substantial expertise in critical infrastructure protection and industrial cybersecurity,” said Vince Kuchar, CEO of RMC. “Securicon brings RMC new capabilities and domain knowledge, including device penetration testing, deeper experience in the energy sector, full spectrum coverage of Information Technology and operational technology cybersecurity services, and a broader government portfolio. This acquisition reinforces RMC’s commitment to safeguarding the nation’s most critical and vital assets, bolstering our vision of assuring tomorrow.”
Enhanced Benefits from the Acquisition:
- Comprehensive Solutions: The combined expertise of RMC and Securicon offers more robust solutions spanning IT & OT cybersecurity and risk management.
- Global Reach and Impact: RMC’s global presence, coupled with Securicon’s specialized industry knowledge, creates a formidable force in the industry.
- Innovation and Agility: The merger fosters an environment of innovation, allowing for rapid adaptation to changing security landscapes.
“It’s a merger of mindsets and missions. We’re bringing together some of the brightest in the industry and are aligned to create a safer, more secure future. Like Securicon, RMC places integrity and authenticity at its core, for both its employees and customers. I genuinely look forward to RMC’s growth and future success,” said Securicon’s retiring CEO, Paul Hurley.
About Risk Mitigation Consulting:
RMC is a global leader in providing comprehensive Mission Assurance and risk management solutions. With a focus on critical infrastructure protection and industrial cybersecurity, RMC is dedicated to protecting the nation’s vital assets. More information can be found at www.rmcglobal.com and on LinkedIn.
About Securicon:
Specializing in both Information Technology and Operational Technology cybersecurity services, Securicon offers technical consulting services; governance, risk, and compliance; and federal security services for both commercial and government clients. With its roots in the U.S. Federal government, commercial energy and other utility sectors, Securicon offers unparalleled expertise in information cybersecurity solutions.
Media Contact:
Jared Koch
jkoch@rmcglobal.com
AMI: the Key to Safeguarding Smart Cities & Urban Energy
At the heart of smart city innovation lies Advanced Metering Infrastructure (AMI), a pivotal technology reshaping energy management and consumption.
The Art of OT Vulnerability Management: Striking the Right Balance
We aim to unravel the complexities of OT vulnerability management, incorporating insights from RMC industry experts and leading practices.
Navigating the Cyber Storm: Understanding Ransomware’s Impact on OT
Understanding the motives of ransomware groups is vital for shaping effective cybersecurity strategies in OT environments.
Strengthening Your Digital Fortress: How Password Cracking Helps Pinpoint Vulnerabilities
Our expertise in operational technology (OT) / industrial control systems (ICS) is driven by a mission to ensure resilience and security in our digital world.
Bridging Compliance and Security: A Look at GxP and Cybersecurity in Pharma & Consumer Health
Strategic understanding is becoming increasingly necessary to ensure regulation compliance of digital systems.
Choosing the Right Secure Remote Access Solution for OT: What to Consider in Today’s Digital Age
In today’s dynamic digital realm, businesses are tasked not just with keeping stride, but with charting their unique path
ICS/OT Cybersecurity: 2023’s Challenges and Tomorrow’s Defenses
As the threats to industrial control systems evolve, our strategies and tactics as network defenders must keep apace. To aid in this effort, SANS has recently released the results of an ICS/OT cybersecurity survey, which polls security practitioners and decision makers from a wide range of industrial verticals, including energy, chemical, critical manufacturing, nuclear, water management and others. This survey provides us with valuable insights into the nature of the real-world threats that control systems operators face every day. It also yields a wealth of information about industry trends and ICS/OT security priorities, from the field. Read RMC’s main takeaways below.
Most organizations still have immature ICS/OT security programs
When asked about planned future initiatives to improve ICS security, survey participants’ top responses indicated a focus on foundational components of any OT security program, such as increased asset visibility, intrusion detection systems, better physical security, and cybersecurity education and training.
There is increased interest in conducting risk assessments and penetration tests in ICS/OT environments
Survey participants are more commonly performing risk-based assessments, including penetration tests, to identify gaps in security controls within their ICS/OT environments.
The penetration tests tend to be conducted at the higher levels of the Purdue Model (3-5). The objective is to identify attack paths from the enterprise network to the ICS network, or vice versa. Penetration tests can provide important insights, but are most effective for more mature OT environments where previously identified vulnerabilities have already been addressed.
RMC is here to help
Although foundational investments are a necessary component of any ICS/OT security program, program design, sequencing, prioritization of investments, and proper coordination must be considered from the start to maximize risk reduction. We support you to:
- Help you understand your program’s maturity and adherence to OT security best practices
- Help you set realistic goals for your ICS/OT environments, and help you achieve them
- Suggest and implement security solutions tailored to your business goals and regulatory requirements
- Implement safe, complete, and effective security controls
- Identify vulnerabilities actively placing your operations and infrastructure at risk
For large organizations, building a strong relationship between security leadership and sites is key to efficient project execution. Improving cybersecurity in ICS/OT environments requires a coordinated effort between enterprise IT (security) teams, site leadership, plant engineers, vendors, integrators, and more. RMC can help foster these relationships, aligning your program’s cybersecurity goals with your sites, achieving buy-in, and building a positive and proactive security culture. During our engagements, we follow these guiding principles:
- Speak the sites’ language and build trust between the program and the sites
- Foster increased cybersecurity awareness with site personnel and leadership
- Communicate the goals of our proven assessment methodology – we are there to help, not audit
- Share insights to inform funding decisions for system upgrades and process redesigns
How can RMC help your organization?
Contact us today: sales@rmcglobal.com
Be sure to follow RMC Global on LinkedIn, and bookmark our News & Perspectives website to stay apprised of industry insights and topical advice on establishing cyber resiliency in OT environments.
