The energy and utilities industry is increasingly under attack from a range of perpetrators. Motives include accessing sensitive commercial information, the disruption of energy and utility networks, and the defrauding of suppliers. And the introduction of smart metering and smart grids brings a fresh set of challenges.
BAE Systems Detica understands the importance of information and IT security within the critical infrastructure environment in Australia and the region, while remaining cognisant of the different risk environments created by closed networks and proprietary systems.
Detica assists critical infrastructure organisations, both through assessing the design of systems, completing 'black box' and 'white box' security testing of existing systems, and through the development of governance and management processes to support the management of IT security within the organisation.
Detica - through BAE Systems Stratsec - was a participant in the Supervisory Control and Data Acquisition (SCADA) Systems Security Workshops organised by the Australian Government's Trusted Information Security Network (TISN), 2005, 2008, 2010, 2011 and 2012, and has presented on SCADA security at events including the National Critical Information Infrastructure Security (NCIIS) Conference, the AusCERT Information Security Conference, and the RUXCON technical security conference.
In addition to our engagements with clients in the industry, we have released a wide range of security intelligence reports on issues related to critical infrastructure and the requirements for information security in this environment; most of which are available for download from the Intelligence area of our website.
Detica - as BAE Systems Stratsec - has been a member of the Computer Network Vulnerability Assessment (CNVA) Panel since inception, a Federal Government initiative administered by the Attorney-General's Department. The aim of this program is:
"...to better protect Australia's critical infrastructure by working with the owners and operators of critical infrastructure to identify major vulnerabilities within computer systems and interdependencies between connected computer systems, and testing the ability of these systems to resist exploitation."
Further information about the CNVA program is available at the Trusted Information Security Network home page,http://www.tisn.gov.au. If you have a project you believe would be suitable for the CNVA program - which includes the opportunity to obtain partial project funding from the Federal Government - please contact us.
For more information regarding how Detica can assist your organisation, please contact us at australia@baesystemsdetica.com or on 1300 027 001.
Securing a Connected World