Our Cybersecurity Offering
GHD Digital | Cybersecurity Capability Statement | 3
4 | Cybersecurity Capability Statement | GHD Digital
GHD Digital Cybersecurity: Delivering end-to-end cybersecurity services to protect critical infrastructure GHD Digital builds on the GHD network of more than 10,000 people, to help companies unlock the potential of digital technologies and generate value for their businesses. GHD Digital helps clients future-proof their businesses with service offerings that cover the entire transformation lifecycle. Our cybersecurity and risk team draws on GHD’s rich history in design, project management and the delivery of major infrastructure projects across multiple sectors including water, energy, transport and buildings; to deliver cybersecurity and risk services and protect critical infrastructure. Our cybersecurity services are built with deep, asset-intensive industry knowledge of our clients. Our services provide visibility and protection for Industrial Control Systems and emerging Smart Technologies, that are delivered by our people with expertise in Operational Technology and IT combined. Leveraging our specialised skills within critical infrastructure, proven methodology and ecosystem of partners, clients benefit from end-to-end cybersecurity services that help to: •
assess cybersecurity readiness
•
protect critical assets
•
provide ongoing cybersecurity management.
At GHD Digital, we provide leading technical solutions that allow our clients to operate in the new digital economy safely and securely and strive to make cybersecurity a ‘business as usual’ activity for all our clients.
Sunil Sharma, Digital Risk and Cybersecurity Lead.
GHD Digital | Cybersecurity Capability Statement | 5
6 | Cybersecurity Capability Statement | GHD Digital
Our cybersecurity offering
The new world order of cybersecurity and risk
GHD Digital’s proven approach and service offering
The amount of data traversing the internet increases daily and the paths of information we generate are constantly vulnerable to attack. Unless an organisation has adequate prevention measures in place to protect against cyber attack, they are putting their information and people at risk.
Our cybersecurity services are focussed around major infrastructure projects whilst protecting critical infrastructure. By applying our methodology and incorporating the threepronged approach to Assess, Protect and Manage, we can help organisations develop a bespoke cyber risk strategy.
Today’s critical infrastructure operators are subject to increasing convergence with IT environments and a proliferating use of Industrial Internet of Things (IIoT) to gain efficiencies and enhance customer experience, whilst also maintaining legacy technology. Such transformations require organisations to tackle the issue of cybersecurity head on with the right skills and solutions focused around critical infrastructure. Whilst the freedom of connectivity is unquestionable and digital transformations inevitable, it increases every organisation’s vulnerability to cyber threats. Organisations must be vigilant and resilient to enable and support the business, minimise risks and optimise new opportunities. With unprecedented cost, reputation and physical safety at stake, the status quo with cybersecurity needs to change. Benefits of a strategic approach to cybersecurity Organisations need the right cybersecurity strategy in place to enable growth and performance. Aligning the strategy with the business will help organisations deliver solutions that enhance the organisation and help to achieve the business strategy. Through a global network of professionals, GHD Digital can provide customisable, security services including strategy development, operational technology risk assessment, vigilant management of threats and resilient incident management processes to meet the increasing market demand in cybersecurity services.
We bring an ecosystem of partners with innovative cybersecurity solutions that help protect critical infrastructures. These solutions include: •
Memory based malware detection and protection of legacy systems
•
Automated critical asset discovery
•
Anomalous network traffic behaviours
•
Threat mitigation
•
Threat intelligence
•
Executive level risk dashboards.
GHD Digital | Cybersecurity Capability Statement | 5
Introduction Our Cybersecurity Services Portfolio By leveraging our specialised skills within critical Riinfrastructure,proven cullabore nus estiandmethodology icius, nonemand quam, ius, ecosystem sit reperi re, ut officia nectotam assimil et atempore of partners, we quo helps clientsrersperis with end-to-end eum et, sandunt elesciis nimi, sit cybersecurity solutionsexpeles that can assess cyber quuntem et aditatiuntio eatumque volorio readiness, protect critical assets, and provide rectianto omniae ommolecuptat pratecta dio ongoing volorpore plici teofporendi management securitytatectem. controls. Offic te doleces tiumqui debitio blaboru ntiaererro blanisi dolo
6 | Cybersecurity Capability Statement | GHD Digital
Assess cyber readiness
With the proliferation of digital innovation, boards and executives are realising the need to understand their posture against the growing cyber threat landscape. Having an actionable security strategy is key to understanding an organisation’s current security posture, cyber risk exposure and effective treatment plan to enable business growth in the digital era.
Operational Technology Risk Assessment Solution Operational Technologies (OT) in asset intensive industries were designed decades ago, before the existence of cyber threats. As such, they were not built with the visibility and security controls common in enterprise IT networks. Today however, ICS networks are no longer isolated, static systems primarily due to IT and OT convergence and increased use of Industrial IOT and Smart Technology. Executives are now demanding greater efficiencies between IT and OT systems leading to increased inter-connectivity, and emerging technologies are inevitable to enrich customer insights and improve operational productivity and visibility. As a result, these networks are exposed to increased internal and external cyber threats leading to operational downtime, safety issues and regulatory pressures such as the recent Critical Infrastructure Act 2018.
Our services include: Cybersecurity Strategy Review Combining decades of global strategy experience within asset intensive industries with our deep knowledge of operational and information technology cybersecurity, we provide boards and executives actionable guidance that preserves their organisation’s objectives and strategy against cyber threats. Our security strategy review methodology takes into consideration an organisation’s business context, risk profile and regulatory requirements to provide pragmatic, prioritised recommendations and a roadmap that maximises return on investment.
Periodic risk assessment is required to maintain good cyber hygiene, reduce operational downtime and mitigate the potential impact of threats. Our solution combines cybersecurity expertise and advanced technologies focussed on OT environments. The solution features passive and active automated asset discovery, vulnerability management, deep packet inspection and machine learning to provide organisations visibility of inherent risks that may exist in their OT environment. Lead by GHD Digital’s cybersecurity consultants, our team provide comprehensive risk reporting to the executive level to allow for more informed and quicker decisions. The reports provide in-depth analyses with risk scoring against each asset and drill down to asset level configurations and vulnerabilities.
The review encompasses areas such as governance, compliance and privacy policies, security operations, metrics, architecture, technologies, and business continuity to provide a comprehensive view of organisation’s security posture and level of maturity. We leverage best practices that align to industry frameworks including NIST, ISO 270001 and COBIT 5.
GHD Digital | Cybersecurity Capability Statement | 7
8 | Cybersecurity Capability Statement | GHD Digital
Protect your critical assets
GHD Digital helps organisations establish effective controls to protect its most sensitive assets. We balance an organisation’s need to reduce risk with its requirement to enable productivity and business growth.
Deployed without recompiling or accessing source code, our solution provides an immediate defence to the most crippling attacks on ICS services while ensuring application integrity and continuity of services in the face of a threat. The solution effectively hardens critical infrastructure and control systems from the inside and helps organisations avert substantial damage and mounting losses. Advanced Threat Intelligence Solution
Our cyber protection services include: Advanced Threat Defence Solution Industrial environments and critical infrastructure are increasingly at risk of attacks from advanced malware like Industroyer, Stuxnet, BlackEnergy, Triton and NotPetya that are designed to cripple operations, cause outages and affect populations. Nation-states and cybercriminals have turned their focus towards unpatched vulnerable ICS/IT/OT/SCADA systems that control critical operations and processes essential to services that drive the economy and ensure energy, health, safety and national security systems. Using attacks that weaponise at runtime in application memory (i.e. registry attacks, ROP, DLL injections, fileless exploits), attackers evade traditional security to get a foothold on vital systems, then exploit communication links between corporate, IoT and control system networks. Attacks persist for months (or years) before discovery—inflicting substantial damage and causing great losses.
Your most valuable assets are at risk of criminal activities carried out on the Dark Web and many leaders are not aware of the potential issues. GHD Digital can uncover any blind spots in an organisation’s cyber threat intelligence program by performing continuous, personalised surveillance of open and restricted Dark Web markets and forums. We provide an improved visibility of threats and assets, based on highly relevant intelligence that reflects their specific business, market, and industry context. We can provide organisations with a complete cyber intelligence solution for both traditional and Dark Web threats. Our team of threat intelligence analysts work with organisation’s to: •
Establish a bespoke cyber threat dossier
•
Conduct forensic Dark Web research, data collection and analysis
•
Provide threat mitigation recommendations specific to business context.
By tracking hacker activities, we can alert organisations to emerging threats so they act pre-emptively. We do not simply rely on third-party feeds or automated data collection, instead, our human operatives and researchers provide real-time intelligence and analysis that traditional providers cannot deliver.
GHD Digital leverages advanced technology (powered by cybersecurity leader Virsec) to provide a breakthrough deterministic approach to protecting critical infrastructure against memory-based attacks with real-time detection that alerts within milliseconds. The solution optimises threat detection for hard-to-patch Windows and Linux based OT/IT/ICS systems during runtime, effectively closing down the window of exposure for industrial applications and critical infrastructure operations.
GHD Digital | Cybersecurity Capability Statement | 9
10 | Cybersecurity Capability Statement | GHD Digital
Manage your cybersecurity
Managing cybersecurity around critical assets 24 hours a day whilst transforming digitally can be a challenging task. Organisations need support to continually and consistently manage cybersecurity in a rapidly changing digital landscape.
Security Operations as a Service Our security operations comprises a team of experienced cybersecurity and industry system practitioners that provides organisations with continuous network visibility and contextualised actionable alerts to rapidly detect, investigate and resolve threats across your entire system. The security operations accomplishes detection and notification through its innovative platform to track and manage incident response activity, consolidating organisation-wide coordination and communication. The security operations works together with the cyber incident response team to identify and address threats and incidents that may affect critical control systems. The security operations provides security services for the OT environment in addition to the detection and monitoring of security incidents. These services include:
Our services to manage your cybersecurity include: Cybersecurity Assessment and Protection as a Service Determining your cybersecurity strategy and assessing you cybersecurity risk is an ongoing process, however, not all organisations have the same access to security professionals, resources and technologies. At GHD Digital, our cybersecurity experts together with our innovative technologies provide continuous monitoring and management of our assessment and protection services.
•
Network flow monitoring
•
Log aggregation, correlation and analysis
•
Vulnerability detection and management
•
Threat intel, threat management and tracking
•
Incident coordination, response and management
•
Malware analysis, reverse engineering and APT defence
•
Identification of cyber threats and support of prosecution.
Our service is designed to work as part of your team, supporting your cybersecurity functional activities. We work alongside your OT, IT, auditors, partners and vendors to help you consider appropriate cybersecurity controls in your business as usual and transformation activities. We provide the guidance and track implementation of the recommended controls and processes. We augment our assessment and protection service with 24/7 security operations. This helps organisations to effectively improve their cybersecurity risk posture over time without the need to layout extensive capital and operating costs.
GHD Digital | Cybersecurity Capability Statement | 11
Contact: Sunil Sharma Digital Risk and Cybersecurity Lead T +61 2 9239 795 M +61 414 765 842 E Sunil.Sharma@ghd.com
www.ghd.com/digital 2 | Cybersecurity Capability Statement | GHD Digital