What if we could step into the ring and learn to defend ourselves without any risk of getting popped in the nose? We could practice jabs, blocking, counter-punching and other self-defense techniques, including staying out of trouble in the first place… all with absolutely no risk and zero pain, because it’s not really ‘real.’ You get the exercise of sparring and develop the muscle memory from training, you just avoid damage. Most importantly, you learn what works and what doesn’t, without penalty.

That’s the theory behind Accenture’s Houston-based Industrial Control Systems (ICS) Cyber Range. It’s a place where everyone in the energy value chain – upstream, midstream and downstream – can test the cyber readiness of their industrial systems and process control networks against sophisticated attacks.

It’s risk-free but not stress-free. The attacks can come low and slow or quickly and furiously, but regardless, the opponents are very good. Some defense techniques get exposed for their blind spots and others develop more ‘street-cred’ when they shield industrial assets from harm, but one thing is for sure... everyone comes out smarter, more experienced and more educated.

Why you need to care

Industrial systems and process control networks remain vulnerable along with many other field and production assets. Accenture’s State of Cyber Resilience report said it all: Seventy one percent of organizations admitted cyber attacks are still "bit of a black box," meaning—after all their efforts and expense—they are still unsure of their ability to detect, mitigate and prevent attacks.

Reading further, the news doesn’t get much better. As the report notes, companies also said their cybersecurity programs protect only about two-thirds (~67 percent) of their organizations, with third parties ranked lowest at only 32 percent. Importantly, this holds true for increasingly connected organizations in exploration, energy, oil and gas, midstream and downstream, where traditional IT equipment must now integrate reliably and securely with ICS components and aging field systems … while, of course, fending off increasingly sophisticated attacks.

Every day, cyber opponents and adversaries circle these companies and their increasingly extended value chains Looking for the weakness. They jab, fake, pepper the midsection and then send roundhouses toward the head, looking for knockouts.

Martial artists, boxers and security personnel need to learn by doing and practicing

Companies that visit the Accenture ICS Cyber Range find themselves immersed in an environment that is both safe and hostile—making mistakes, learning and testing new techniques and technologies. Specifically, they can:

  • Test and assimilate new ICS tools and technologies without risk in our ICS engineering lab using real-time data, with practitioners specialized in architecting ICS process control networks.
  • Experiment in a recognizable, scaled-down environment: Similarities to the field OT environment adds realism in a controlled environment while exposing IT security professionals to new devices and security techniques.
  • Learn what works and what may be hype: Energy organizations get to leverage Accenture’s investment in commercially available security technology to test assets in the field.
  • Learn to integrate and orchestrate diverse equipment and vendors: With so many different systems, coordination is critical.
  • Fuse intelligence and detection with response and remediation: Our hybrid team of field engineers, process control architects, cyber defense professionals—across CIFR, iDefense, and ICS Security Engineering—know how to respond to incidents, regardless of location and OT system type.
  • Improve anomaly detection: By learning how to enhance their use of anomaly detection tools, clients get a more accurate and dynamic picture of what’s really happening on their network.
  • Improve threat hunting and vulnerability research: Learn from our ICS threat analysts, who have years of experience using various public and private sources to collect and share specific intelligence with clients.
  • Fine-tune event monitoring: The ICS Cyber Range can help clients enhance their SIEM and even MDR configurations, ensuring that ‘real’ alarms are recognized.
  • Improve maintenance and upkeep: Our tools can reveal detailed information on firmware version and chassis buildout, ensuring known vulnerabilities are mitigated with minimal impact to process and system availability.
  • Strengthen credentials management: Clients can learn to monitor the use of their most powerful credentials, ensure proper change practices and create alarms triggered on misuse of crucial log-ins.

We’ve found that clients who visit theCyber Range and engage with our team gain much better visibility in their process control environments—reducing detection time tenfold. That comes in handy when the bad guys are looking for trouble.

 

Accenture Security

Accenture Security is a leading provider of end-to-end cybersecurity services, including advanced cyber defense, applied cybersecurity solutions and managed security operations. We bring security innovation, coupled with global scale and a worldwide delivery capability through our network of Advanced Technology and Intelligent Operations centers. Helped by our team of highly skilled professionals, we enable clients to innovate safely, build cyber resilience and grow with confidence.  Follow us @AccentureSecure on Twitter or visit us at www.accenture.com/security.

Accenture, the Accenture logo, and other trademarks, service marks, and designs are registered or unregistered trademarks of Accenture and its subsidiaries in the United States and in foreign countries. All trademarks are properties of their respective owners. All materials are intended for the original recipient only. The reproduction and distribution of this material is forbidden without express written permission from Accenture. The opinions, statements, and assessments in this report are solely those of the individual author(s) and do not constitute legal advice, nor do they necessarily reflect the views of Accenture, its subsidiaries, or affiliates. Given the inherent nature of threat intelligence, the content contained in this report is based on information gathered and understood at the time of its creation. It is subject to change. Accenture provides the information on an “as-is” basis without representation or warranty and accepts no liability for any action or failure to act taken in response to the information contained or referenced in this report.

Copyright © 2020 Accenture. All rights reserved. Accenture, its logo, and High Performance Delivered are trademarks

Jim Guinn

Managing Director – Technology, Cyber Security Lead, Resources


Syed Alam

Managing Director – Semiconductor, Global

Subscription Center
Subscribe to Security Blog Subscribe to Security Blog