Cybersecurity Risk Assessment Proven Process


What unseen dangers are lurking below the surface of your plant? A cybersecurity risk assessment protects your critical infrastructure by uncovering the greatest threats to your operations. A crucial element of your Operational Technology (OT) security strategy, cybersecurity assessments reveal gaps, help you make informed decisions, and protect the lifeline of your manufacturing facility.

With a holistic approach, our team guides you through a cybersecurity risk assessment. We follow the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), a voluntary framework designed to reduce cyber risks to critical infrastructure. Here's what the process will look like.


Your Role

Your involvement keeps the project moving. Here are a few things we’ll need from you as we move through the process:

  1. Work with us to schedule the on-site cybersecurity risk assessment
  2. Key staff will need to be available for interviews and meetings
  3. Provide requested technical documents and diagrams, and a facility site plan if available
  4. Provide facility and system access as needed
  5. Provide workspace to Interstates while on-site
  6. Save final documents for future use

What You'll Receive

Over the course of your project, you can expect to receive:

  1. Weekly status reports and project schedule updates via Microsoft Teams
  2. Initial findings report after the site visit
  3. Recommendations to address vulnerabilities prioritized by risk/impact following the site visit

See what the four phases of this process are and each of the key steps below.

Process timeline infographic: cybersecurity risk assessment phases Discovery (1–2 weeks), Site Assessment (1–5 days on-site, 3–4 weeks total), Analysis (2–4 weeks), and Results (1 week), with steps including client request, proposal, on-site prep, review, reporting, and remediation.

Discovery Phase (1-2 Weeks)

You’ll receive a proposal for a cybersecurity risk assessment.

Client Request

Key Steps

  • Request Quote
  • Share Project Details

You’re looking to better understand your cyber-related risks and are interested in learning more about how we can help. Once we receive your request, our team will reach out to learn more about your project.

Project Scope

Key Steps

  • Scope Project
  • Send Documents

After we understand the goals you have for your cybersecurity risk assessment, we will work with you to collect any information needed for the proposal. Once we have all the information we need, we'll develop your proposal.

Proposal

Key Steps

  • Review Proposal
  • Approve Funding

Once the proposal is ready, our team will review it with you. We encourage you to contact us at any time with questions or if you would like to make changes to the proposal. When you are ready to move forward, you’ll need to return a signed proposal and a PO to us.

Site Assessment Phase (1-5 Days On-site | 3-4 Weeks Total)

While we are on-site, you’ll receive daily recap emails with a plan for the next day. At the end of the site visit, you’ll receive a post-assessment recap of the findings.

Kickoff

Key Steps

  • Schedule Site Visit
  • Prep for Site Visit

If you haven't already, we'd recommend that you identify who will be on the assessment team. Consider the following roles: Assessment Team Lead, Assessment Engineers, Plant/Site Manager, Controls/I&E Lead, and Safety Lead. We will schedule a kickoff meeting for both teams to review the proposal, discuss the project schedule and the list of documents needed prior to the site visit, and schedule the site visit. To prepare for the site visit, we will review all client documentation.

On-site Prep

Key Steps

  • On-site Kickoff Meeting
  • Site Tour

Upon arriving on-site, we first like to meet with key personnel to discuss our assessment approach, the areas we will review, and our evidence-gathering process, identify any missing documentation, and review the project timeline. From there, we'd like a brief site tour to get familiar with the facility.

On-site Assessment

Key Steps

  • Complete On-site Work & Record Findings
  • Client Wrap-Up & Recap of Findings

Once we're settled in, we'll review any newly received documents, request access to systems to review configurations, connect to switches to download configurations, and passively capture network traffic from the switches (no packets are injected into the control network, so running processes are not disturbed). We'll interview various parties to get a better understanding of processes and perform a more in-depth tour of the facility. Before leaving your facility, we'll provide you with a recap of our findings and the major themes we identified.
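The passive capture mentioned above is typically turned into an asset and protocol inventory: which hosts talk to which controllers, over which industrial protocols, and which hosts issue write commands. The script below is an added illustration of that analysis and is not Interstates' tooling. It parses raw Ethernet/IPv4/TCP frames, labels endpoints by well-known OT service ports (the port-to-protocol table is an assumption based on common defaults), and flags Modbus/TCP write function codes. The sample frames are constructed inline so it runs offline; with a real capture you would feed it frames read from a pcap file. It only reads bytes and never transmits anything.

```python
"""Passive OT asset/protocol inventory from captured Ethernet frames.

Added example, not code from the page's author. Assumptions: well-known
OT service ports below; constructed sample frames stand in for a SPAN/mirror
port capture. Parses only; nothing is ever sent onto the network.
"""
import struct
from collections import defaultdict

# Assumed well-known OT service ports (IANA/vendor defaults).
OT_PORTS = {502: "Modbus/TCP", 44818: "EtherNet/IP", 102: "S7comm", 20000: "DNP3"}
# Modbus function codes that change controller state (coil/register writes).
MODBUS_WRITE_FC = {5, 6, 15, 16}


def parse_frame(frame: bytes):
    """Return (src_mac, dst_mac, src_ip, dst_ip, sport, dport, payload) for IPv4/TCP, else None."""
    if len(frame) < 14 + 20 + 20:
        return None
    dst_mac, src_mac = frame[:6], frame[6:12]
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:  # not IPv4 (e.g. ARP)
        return None
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    if ip[9] != 6:  # not TCP
        return None
    src_ip = ".".join(map(str, ip[12:16]))
    dst_ip = ".".join(map(str, ip[16:20]))
    tcp = ip[ihl:]
    sport, dport = struct.unpack("!HH", tcp[:4])
    payload = tcp[(tcp[12] >> 4) * 4:]
    return src_mac.hex(":"), dst_mac.hex(":"), src_ip, dst_ip, sport, dport, payload


def modbus_function(payload: bytes):
    """Return the Modbus function code if payload is a well-formed Modbus/TCP PDU, else None."""
    if len(payload) < 8:
        return None
    _tid, pid, length, _uid = struct.unpack("!HHHB", payload[:7])
    if pid != 0 or length != len(payload) - 6:  # MBAP: protocol id 0, length covers uid+PDU
        return None
    return payload[7]


def inventory(frames):
    """Build {ip: [roles]}, {ip: mac} and a list of (client, server, fc) Modbus writes."""
    hosts = defaultdict(set)
    macs = {}
    writes = []
    for frame in frames:
        parsed = parse_frame(frame)
        if parsed is None:
            continue
        smac, dmac, sip, dip, sport, dport, payload = parsed
        macs[sip], macs[dip] = smac, dmac
        # The side using a well-known OT port is the server; the other is a client of it.
        server_port = dport if dport in OT_PORTS else sport if sport in OT_PORTS else None
        if server_port is not None:
            proto = OT_PORTS[server_port]
            server, client = (dip, sip) if dport == server_port else (sip, dip)
            hosts[server].add(f"{proto} server")
            hosts[client].add(f"{proto} client")
        if dport == 502:
            fc = modbus_function(payload)
            if fc in MODBUS_WRITE_FC:
                writes.append((sip, dip, fc))
    return {"hosts": {ip: sorted(r) for ip, r in hosts.items()}, "macs": macs, "writes": writes}


def build_frame(smac, dmac, sip, dip, sport, dport, payload=b""):
    """Construct a minimal Ethernet II / IPv4 / TCP frame (checksums zeroed; test data only)."""
    eth = bytes.fromhex(dmac.replace(":", "")) + bytes.fromhex(smac.replace(":", "")) + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     bytes(map(int, sip.split("."))), bytes(map(int, dip.split("."))))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0)
    return eth + ip + tcp + payload


# Constructed sample capture: HMI reads a PLC, an engineering workstation writes to it
# and also talks EtherNet/IP to a second controller; one ARP frame is skipped.
PLC, PLC2, HMI, EWS = "10.10.1.10", "10.10.1.11", "10.10.1.20", "10.10.1.50"
READ_REQ = struct.pack("!HHHBBHH", 1, 0, 6, 1, 3, 0, 10)       # FC3 read holding registers
READ_RSP = struct.pack("!HHHBBBH", 1, 0, 5, 1, 3, 2, 0x1234)   # FC3 response
WRITE_REQ = struct.pack("!HHHBBHH", 2, 0, 6, 1, 6, 0, 1)       # FC6 write single register
ARP_FRAME = bytes.fromhex("ffffffffffff" "0a0000000001" "0806") + bytes(28)
SAMPLE_FRAMES = [
    build_frame("0a:00:00:00:00:20", "0a:00:00:00:00:10", HMI, PLC, 40000, 502, READ_REQ),
    build_frame("0a:00:00:00:00:10", "0a:00:00:00:00:20", PLC, HMI, 502, 40000, READ_RSP),
    build_frame("0a:00:00:00:00:50", "0a:00:00:00:00:10", EWS, PLC, 41000, 502, WRITE_REQ),
    build_frame("0a:00:00:00:00:50", "0a:00:00:00:00:11", EWS, PLC2, 41001, 44818),
    ARP_FRAME,
]

if __name__ == "__main__":
    result = inventory(SAMPLE_FRAMES)
    for ip, roles in sorted(result["hosts"].items()):
        print(f"{ip:<12} {result['macs'][ip]}  {', '.join(roles)}")
    for client, server, fc in result["writes"]:
        print(f"WRITE  {client} -> {server}  Modbus FC {fc}")
```

Running it lists each host with its MAC and the roles observed for it, and separately calls out the engineering workstation as the only host writing to the PLC. In an assessment that write list is what gets compared against the intended access model: every unexpected writer is a finding, and a capture that shows no writers at all during a normal shift is itself evidence that the mirror port is not seeing the right VLANs.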

Analysis Phase (2-4 Weeks)

You’ll receive the first draft of the cybersecurity risk assessment report.

Drafted Report

Key Steps

  • Develop Report
  • Send for Review

Approximately two weeks after the conclusion of the site visit, we will provide a first draft of the report. Included in the report are the areas in the facility that met or did not meet expected security standards, a prioritized list of recommendations and a copy of all gathered data, observations, notes, and findings. This report is peer-reviewed to give you a thorough, comprehensive assessment. We’ll distribute the first draft of the report so you can read it before the review meeting.

Review

Key Steps

  • Hold Review Meeting
  • Discuss Findings

You’ll meet with us to review the report layout, discuss the findings, and go over our remediation recommendations. This meeting is your chance to understand, ask questions, and make comments on the first draft of the report.

Results Phase (1 Week)

You’ll receive a NIST Cybersecurity Framework (CSF)-based cybersecurity risk assessment report.

Final Documents

Key Steps

  • Finalize Report
  • Receive Final Documents

We’ll update the cybersecurity risk assessment to reflect any requested changes or comments from the review meeting. A member of our team will send you the finalized version. This information will allow you to make informed decisions regarding security, risk exposure and overall system condition.

Remediation Next Steps

Key Steps

  • Discuss Additional Needs

Our partnership doesn’t have to end once we’ve delivered the final report. Whether you’re focused on fixing the areas of greatest risk in the least time and cost or looking to completely revamp your cybersecurity strategy, we can help.
