Risk & Vulnerability Analysis

Hudson Cybertec specializes in carrying out risk and vulnerability analysis within the IACS domain. A risk analysis is the basis for measuring the cyber security level within your organization. Hudson Cybertec performs these based on leading standards frameworks such as the IEC 62443 or the ISO 27000, and legal requirements.

Depending on the depth of the analysis, aspects such as, actors, scenarios, inputs and vulnerabilities are investigated. You receive a clear overview of the possible consequences of the vulnerabilities found. In addition, attention is paid to the risks and consequences of vulnerabilities of various resources such as SCADA, SIS, HVAC, communication systems, gateways or firewalls.

Hudson Cybertec helps you to take the right steps to mitigate the identified risks and vulnerabilities by providing you with support after a security assessment. We assist you with the creation of an action plan, the assignment of priorities for the identified mitigating measures and the implementation of these measures.

IEC 62443 Assessment

A Security Assessment according the IEC 62443 provides you with a comprehensive overview of the current state of cyber resilience of your organization. We take a specific look at the three pillars of cyber security: people, process and technology. The assessment contains GAP-analyses where we test the current situation against the IEC 62443 standard. Of course a GAP analysis can also be done against other standards or industry best practices.

The results of the assessment give a clear picture of the current security resilience level of your organization. This is the first necessary step for the introduction of a responsible cyber security management in your organization.

For the IEC 62443, Hudson Cybertec works closely together with the Dutch Institute for Standardization (NEN) and is directly involved in the development of the standard.

Security Inspection

Do you want an independent security inspection for your organization? Hudson Cybertec tests your organization for security measures. A security inspection is an excellent way to verify if your organization took sufficient security measures. At the end of the security inspection you will receive a report with the results of the inspection. Based on this report you can take the right actions to ensure that the security level meets the set goals.

Penetration Testing

Prevent unauthorized access to your IACS infrastructure with a pen test. Depending on your requirements, our "Ethical hackers" perform a simulated attack, against a pre-determined system in a controlled environment. The goal is to show that, after infiltration of your systems, hackers can disrupt your primary process.

This test provides a clear insight into the security level of your infrastructure. After the penetration test you receive a report with the results of the test including demonstrated vulnerabilities within your infrastructure. To mitigate these risks posed by the identified vulnerabilities, Hudson Cybertec will setup a plan of action together with you.

Hudson Cybertec offers white box, grey box and black box services for pen testing depending on the goals to be achieved.

Design Validation

Incorporating the required cyber security measures in the design of technical installations, or securing existing installations, requires a thorough knowledge of both technology and cyber security.

As an independent specialist in the field of cyber security for technical environments such as Industrial Control systems, PLC and SCADA networks, building management systems, HVAC and other building-related installations.

Hudson Cybertec supports you with validation of network design, creating or updating ‘as-built’ design documentation, FAT/SAT-support, or engineering validation (of external parties). But also with security by design implementation, penetration tests, engineering support, and more.

SMB Cyber Security Scan

As an independent supplier of cyber security services, we developed the SMB Cyber Security Scan, specifically targeted at SMB’s. This security scan gives you a fast, independent insight into the cyber resilience of your organization.

The report contains the results of the assessment and a list of recommendations to increase the level of cyber security within your organization.