Resources

For industry and critical infrastructure.

Find relevant papers, whitepapers, collaterals, guide books for a range of topics related to cybersecurity for industry and critical infrastructure. Some of the files are openly available to download, while some are gated and requires name and email to view.

Collateral

SNOK™ Network Intrusion Detection System
SNOK™ Endpoint Monitoring
SNOK™ PLC Threat Detection
SNOK™ PLC Threat Detection
SNOK™ Enterprise Solution
Cybersecurity specific for Operational Technology (OT)
New early-warning cybersecurity system

SNOK cybersecurity Monitoring for PCS7

Norwegian versions:

SNOK™ Endpoint Monitoring (Norwegian)
SNOK™ PLC Threat Detection (Norwegian)
SNOK™ Enterprise Solution (Norwegian)
SNOK™ Network Intrusion Detection System (Norwegian)

Interview and Media

Automation.com

Secure-NOK article about situational awareness in OT systems

Lerchendalkonferansen (Norwegian)

Panelsamtale med Secure-NOK, NSM, DNB og Sintef “Hvordan sikrer vi verdien av data?”  

Guest editorial

IADC, Advanced Rig Technology Committee serve as leading voice on cybersecurity

Drilling contractor interview

Drilling Contractor Interviews Secure-NOKs Nina Hesby Tvedt about cyberecurity

Female Entrepreneur Norway 2017 (Norwegian)

The Advocate

Cybersecurity attacks could sink a largely unprepared energy industry
Drilling contractor article
Taylored, layered defence-in-depth strategy can help build cyber resilience into rig OT systems
Drilling contractor article
Perspectives: Siv Hilde Houmb, Secure- NOK: Fortify cybersecurity to avoid downtime
Protecting industrial control systems

Papers and guidebooks

Research paper on quantitative vulnerability assessments for critical infrastructure

There are many examples of attacks that has exploited vulnerabilities many months or even years after they were published and patches were available. While information security vulnerabilities are continuously growing, the sectors responsible for or involved in providing vital functions in society have different capacities for identifying time-varying vulnerabilities.

To secure the weakest link, it is essential to obtain knowledge of the extent of the problem. Secure-NOK has developed a methodology to conduct a quantitative vulnerability assessment of Norwegian critical infrastructure. The work has been conducted as part of the CybWin research project.

Guidebook to the Current Standards for Cybersecurity for Drilling Control Systems

The Guidebook to the Current Standards for Cybersecurity for Drilling Control Systems is a detailed assessment of the classification, description, analysis, and comparison of the standards for cybersecurity systems applicable to industrial control systems (ICS) or supervisory control and data acquisition (SCADA) systems pervasive through modern drilling systems. The Guidebook is intended to be a living document – updated as necessary to reflect the current state of cybersecurity standards.

Cybersecurity Requirements for Drilling Assets

The rate of cybersecurity attacks and the attacks’ level of sophistication and organization are increasing. In 2014 – according to the US Department of Homeland Security (DHS) – 53% of all cyber attacks on critical infrastructure targeted the energy industry, and 30% of the attacks succeeded in breaching the security systems that were in place. In 2015, DHS recorded more than 9 cyber attacks per day that targeted the energy industry.

Asset Discovery

In the initial phase of securing your asset, or if you are wondering where to start, SNOK™ can be deployed in SNOK™ Asset Discovery mode on relevant network segments and endpoints of concern. Let it run for a while, then extract the collected information. You will get a report showing:

Topology and details of communication on the network that can be used to determine current vulnerability and plan how a SNOK™ Cybersecurity Monitoring system deployment should look like as well as other security measures such as network segmentation. SNOK™ Asset Discovery will also help you determine if your infrastructure is compliant with current security policies.

Trial Program

Secure-NOK™ offers a SNOK™ Trial Program. The SNOK™ solution is deployed, either as an Appliance or Virtual Machine on selected parts of the control system, for example a selected production line, subsystem or small site. The trial SNOK™ runs for a period of for example 30 days and includes an Analysis Report.