Managed Threat Protection & Response Services for Improving Cybersecurity for Critical Infrastructure

Since the beginning of 2020, cyberattacks aimed at sectors that are critical to society have increased by more than 400%. Of those attacks, 45% were ransomware attacks that targeted or impacted industrial control systems. Left undetected, cyber sabotage within critical infrastructure environments like the power grid and water systems result in service disruptions, infrastructure damage and negative impacts to the environment and to public health and safety.

1898 & Co. is one of the first firms to apply its operational technology (OT) and industrial control systems (ICS) cybersecurity specialization into managed security services.  

“Managing security for ICS and OT is a rare capability for a reason: Critical infrastructure is a highly complex environment,” says Chris Underwood, vice president and general manager of 1898 & Co. “At 1898 & Co., our consultants live and breathe critical infrastructure. We’ve worked in the industry and for the industry, so we have a deep understanding of its challenges.”

1898 & Co.’s Managed Threat Protection & Response service, through intelligence enrichment and insights gained from collective defense information sharing, leverages a variety of indicators and tactics, techniques and procedures to provide 24x7 threat monitoring and detection. 1898 & Co.’s service also proactively hunts for possible intrusions within clients’ OT and ICS.

Industry analysts note that incidents in these environments are inevitable, however damage and fallout can be lessened through rapid detection and response capabilities. Additionally, regulatory measures continue to evolve in response to the heightened threats posed to critical infrastructure companies. For example, Federal Energy Regulatory Commission recently directed the North American Electric Reliability Corporation to develop reliability standards requiring Internal Network Security Monitoring standards. These new standards require power utilities to implement monitoring and detection and identify anomalous activity by way of regulatory mandate, a significant development for that industry.

“Cyber-related risk remains a top concern and consideration for every critical infrastructure company,” says Matt Morris, managing director of Security & Risk Consulting, 1898 & Co. “We continue to see increasing digitization, threats and corresponding regulation. Given the increasing talent shortage, keeping critical processes operational is getting more and more complicated. As specialists who focus on critical infrastructure cybersecurity, we uniquely understand how these environments are designed, built and operated, and we have an unmatched team of engineers and consultants at our back.”

The new capability and MSS services from 1898 & Co. are now available and uniquely leverages multiple on-premise monitoring and detection partner platforms, including Dragos, Claroty and Armis, with a limited number of platforms expected to be added over time. The MSS provides active response via CrowdStrike Falcon platform, an industry-leading security solution. The MSS service also provides the additional value of OT asset discovery, inventory and reporting to include vulnerabilities and network topology mapping.

1898 & Co. has also collaborated with various information sharing and analysis centers (ISACs) to access various industry-specific indicators of compromise and tactics, techniques, and procedures. Initial affiliates include the E-ISAC (electric utilities) and WaterISAC (water utilities), with additional ISACs on the roadmap. This summer, 1898 & Co. will launch an upgraded, next generation security operations center (SOC) for advanced protection and response.