case studies
Power
HomeCase Studies → Take the Power Back from Your Industrial Control System

Take the Power Back from Your Industrial Control System

Threat Landscape

All industries are vulnerable to cyber attacks, but utilities are a prime target for hackers. An attack to a utility company’s Industrial Control System (ICS) presents great risk by potentially exhausting reserve fuel, causing shortages to potable water, impacting the ability to treat sewage, straining public order, forcing residents to leave an area to seek a reliable supply of water and electricity, and devastatingly hitting commerce. An attack on the power grid could be similar to a natural disaster — except we know when natural disasters end.

Challenge

One of the largest private energy organizations in the U.S. was worried about the exposure of their control center networks to a cyber attack. Prior to engaging us, the organization implemented common security approaches and techniques to address this problem but wanted to validate their approach with a third-party cyber security specialist.

Solution

We created a model simulating the client’s network to assess its adherence to security configuration standards and simulate the possible attack vectors that threatened it. After 12 weeks of rigorous testing and analyses, our team formulated their assessment. The company’s leaders were then able to identify and remediate control center vulnerabilities, thereby lowering the level of risk to their operations.

Results
  • Revealed vulnerabilities in operations that would result in material implications if breached
  • Moved from a check-box approach to security to a tailored, enterprise program
  • Brought renewed confidence in the organization’s security posture

Protect your ICS. Call us:
Americas: +1.212.981.6540
EMEA: +44.20.7061.2200



Cyber security services offered by Stroz Friedberg Inc. and its affiliates. Insurance products and services offered by Aon Risk Insurance Services West, Inc., Aon Risk Services Central, Inc., Aon Risk Services Northeast, Inc., Aon Risk Services Southwest, Inc., and Aon Risk Services, Inc. of Florida and their licensed affiliates. Aon UK Limited is authorised and regulated by the Financial Conduct Authority in respect of insurance distribution services. FP.AGRC.238.JJ The following products or services are not regulated by the Financial Conduct Authority:
• Cyber risk services provided by Aon UK Limited and its affiliates
• Cyber security services provided by Stroz Friedberg Limited and its affiliates.


Copyright 2021 Aon plc. All Rights Reserved.


Copyright 2021 Aon plc. All Rights Reserved.
Cyber security services offered by Stroz Friedberg Inc. and its affiliates. Insurance products and services offered by Aon Risk Insurance Services West, Inc., Aon Risk Services Central, Inc., Aon Risk Services Northeast, Inc., Aon Risk Services Southwest, Inc., and Aon Risk Services, Inc. of Florida and their licensed affiliates. Aon UK Limited is authorised and regulated by the Financial Conduct Authority in respect of insurance distribution services. FP.AGRC.238.JJ The following products or services are not regulated by the Financial Conduct Authority:
• Cyber risk services provided by Aon UK Limited and its affiliates
• Cyber security services provided by Stroz Friedberg Limited and its affiliates.