In an effort to improve cybersecurity resiliency for critical infrastructure environments, 1898 & Co. is launching Managed Threat Protection & Response, a new proactive threat hunting and response capability to its existing Managed Security Services (MSS) solution. 1898 & Co. is the business, technology and cybersecurity consulting arm of Burns & McDonnell, a 100% employee-owned engineering, construction and architecture firm.
Since the beginning of 2020, cyberattacks aimed at sectors that are critical to society have increased by more than 400%. Of those attacks, 45% were ransomware attacks that targeted or impacted industrial control systems. Left undetected, cyber sabotage within critical infrastructure environments like the power grid and water systems result in service disruptions, infrastructure damage and negative impacts to the environment and to public health and safety.
Unlike other firms that focus mostly on information technology cybersecurity, 1898 & Co. is one of the first firms to apply their operational technology (OT) and industrial control systems (ICS) cybersecurity specialization into managed security services.
“Managing security for ICS and OT is a rare capability for a reason: Critical infrastructure is a highly complex environment,” says Chris Underwood, vice president and general manager of 1898 & Co. “At 1898 & Co., our consultants live and breathe critical infrastructure. We’ve worked in the industry and for the industry, so we have a deep understanding of its challenges.”
1898 & Co.’s Managed Threat Protection & Response service, through intelligence enrichment and insights gained from collective defense information sharing, leverages a variety of indicators and tactics, techniques and procedures to provide 24x7 threat monitoring and detection. 1898 & Co.’s service also proactively hunts for possible intrusions within clients’ OT and ICS.
Industry analysts note that incidents in these environments are inevitable, however damage and fallout can be lessened through rapid detection and response capabilities. Additionally, regulatory measures continue to evolve in response to the heightened threats posed to critical infrastructure companies. For example, Federal Energy Regulatory Commission recently directed the North American Electric Reliability Corporation to develop reliability standards requiring Internal Network Security Monitoring standards. These new standards require power utilities to implement monitoring and detection and identify anomalous activity by way of regulatory mandate, a significant development for that industry.
“Cyber-related risk remains a top concern and consideration for every critical infrastructure company,” says Matt Morris, managing director of Security & Risk Consulting, 1898 & Co. “We continue to see increasing digitization, threats and corresponding regulation. Given the increasing talent shortage, keeping critical processes operational is getting more and more complicated. As specialists who focus on critical infrastructure cybersecurity, we uniquely understand how these environments are designed, built and operated, and we have an unmatched team of engineers and consultants at our back.”
The new capability and MSS services from 1898 & Co. are now available and uniquely leverages multiple on-premise monitoring and detection partner platforms, including Dragos, Claroty and Armis, with a limited number of platforms expected to be added over time. The MSS provides active response via CrowdStrike Falcon platform, an industry-leading security solution. The MSS service also provides the additional value of OT asset discovery, inventory and reporting to include vulnerabilities and network topology mapping.
1898 & Co. has also collaborated with various information sharing and analysis centers (ISACs) to access various industry-specific indicators of compromise and tactics, techniques, and procedures. Initial affiliates include the E-ISAC (electric utilities) and WaterISAC (water utilities), with additional ISACs on the roadmap.
This summer, 1898 & Co. will launch an upgraded, next generation security operations center (SOC) for advanced protection and response.
About 1898 & Co.
1898 & Co. is a global business and technology consultancy that brings together a unique blend of engineers and industry leaders to deliver strategic business insights and solutions for critical infrastructure industries. We partner with clients to plan, invest, secure and optimize critical assets for a successful, sustainable future. For more information, visit 1898andCo.com.
About Burns & McDonnell
Burns & McDonnell is a family of companies bringing together an unmatched team of more than 13,500 engineers, construction and craft professionals, architects, planners, technologists, and scientists to design and build our critical infrastructure. With an integrated construction and design mindset, we offer full-service capabilities. Founded in 1898 and working from 70 offices globally, Burns & McDonnell is 100% employee-owned. Learn how we are designed to build.