Rising Insurance Premiums with Less Protection Make IT/OT Assessment a Priority

Developing open channels of communication, we aligned a cross functional team to strategically performed a risk and vulnerability assessment while creating a plan to update their facility. 

Continued cyberattacks drive the need for remediation

After being the target of numerous ransomware attacks, a metals manufacturer called on E Tech Group to perform an IT/OT assessment to assess and remediate vulnerabilities.  

Due to increasing insurance premiums, decreasing ransomware coverage and their deductible reaching two-million dollars, the board understood they needed to act quickly to mitigate the existing damage and remediate to protect the business as a whole and minimize impact on shareholders. 

Understanding the disconnect between corporate, operations, Information Technology (IT) and Operational Technology (OT), our team needed to compile and present this information in a way that +was scalable and consumable from the top down. 

Aligning the team to swiftly make change

Lifecycle Status of Control Devices

Not only the number of challenges, but scale came into play when beginning this project.  Once these issues reached the executive level, the timeline to mitigate potential negative shareholder impact was limited, so our team had to move quickly with their assessment. 

When insurance companies were first writing these policies, it was an unspoken agreement that a facility could be trusted to implement everything that was listed.    Now, sites are periodically audited to ensure procedural integrity.  E Tech Group had to quickly identify any discrepancies between the written policy and what was in place to provide the remediation necessary to help decrease the client’s premiums and increase their coverage while simultaneously preventing the ransomware attacks that had been ravaging their network. 

To get an accurate picture of where to start, E Tech Group needed to align the executives, IT team, and the OT team. With a large task list of vulnerabilities to address, quickly building trust amongst these client teams became integral in helping us identify and document the existing assets and systems in the plant.

A multi-point assessment plan with record completion

Opening the lines of communication to better understand the escalation that occurred from the first ransomware attack, to teetering on the edge of negative shareholder impact, allowed our team to gain the perspective necessary to establish our go forward strategy.  Once confirmed, our multi-point plan for an assessment requiring top-down cooperation could be rolled out.

Our first step in this plan was bringing everyone together to take part in a consultation workshop to understand and establish their baseline needs.  E Tech Group gathered critical details like the size of the plant, the number of devices and how many panels they were located in, and the technologies planned to perform the assessment.

Once the plan was laid out, the next step was acquiring all the initial documentation available from the plant.  Making sure we were able to examine the existing Visios, subnet lists, drawings and program files would allow our team to get a visual understanding of and build a framework of the existing system.

Now understanding what we’d be contending with, our team was ready to tackle the digital portion of the assessment.  They were granted VPN access, and a VM was created so they could deploy and reach the plant from their Nessus scanning tool, allowing them to assess and take inventory of their digital assets currently living on the network. 

Moving from the digital network to the facility floor, our team was now ready to walk the site.  The hard work that went into building those initial relationships with the operational team would now come into play, as they knew the site intimately and could best help our team navigate and locate all assets they needed to document and log.  Knowing time was of the essence, it was all-hands-on deck between the on-site and E Tech Group team to scan and gather all IP information associated with vulnerabilities and execute walkdowns to capture all the panels in the plant.

The assessment portion was completed in record time.  E Tech Group would now work diligently to compile an aggregate of walkdown and vulnerability information.  It was critical that this was done in such a way that the deliverables could be interpreted at every level this would impact.  Knowing we had to present consumable material that would cover Visios, vulnerability report, a final report, and an asset database, careful but quick review was necessary to ensure all material exceeded expectations.  Once this was confirmed, it was ready to present.

A protected network and lower premiums

Knowing the challenges to overcome and how much hinged on identifying and resolving their vulnerabilities while simultaneously providing a guide for remediation, E Tech Group rose to the occasion.   

By developing open channels of communication and building the trust needed from the top down, we were able to align and work with their executive, IT/OT, and on-site operations team to strategically and quickly perform the assessment they so desperately needed while creating a plan to update their facility. 

Leadership was overwhelmingly happy with our work knowing the remediation will lead to the lower premiums and increased coverage they once knew, while protecting their business from the barrage of ransomware attacks, they have been suffering from.  Ultimately providing a more secure network for their company and security for their shareholders.  

Follow the link below to learn more about IT/OT Risk Assessments