Security risk assessment refers to the process of detecting and identifying weaknesses in or risks to the security of industrial production control environments. It applies scientific methods and means to systematically analyze threats to the network and industrial production control system, assesses vulnerabilities from the perspective of risk management, and determines the degree of potential harm once a security event occurs. It also proposes targeted countermeasures for protection and corrective measures to resist threats.The HollySys Cyber Security Research Institute believes that security must serve business and anchors its work in Cyber Security in "best practices". The Institute assesses industrial production control systems and environments in three aspects — network security, boundary security, and computing environment security — to effectively guarantee the accuracy and comprehensiveness of assessment results.
Security reinforcement refers to repairing the vulnerabilities discovered in industrial control systems by security risk assessment. Vulnerabilities may be in the operating system or software tools, and include the configuration items of unsafe software, the startup of unnecessary services, weak system passwords, insecure privileges management, and more. At the same time, security reinforcement can optimize the rules for security devices deployed in the field to better defend against the spread of common ransomware or Trojans in the process. The reinforcement solution is based on the principle of minimizing system exposure: shutting down all unnecessary services, ensuring that no medium to high-risk vulnerabilities exists for services or ports that must be opened for business needs, strictly controlling system access, prohibiting anonymous logins and weak passwords, and configuring relevant system logs to record system-related events.In terms of system reinforcement objectives, the rules — from the system boundary to the secure transmission of system data and to the secure execution of the control terminal — meet the security needs of the whole system, truly realizing security technology that is manageable, controllable, and traceable by point.
Emergency response services refer to the security services provided in order to meet industrial enterprises' needs in the event of a security incident requiring an emergency solution. Upon a hacker attack, system crash, or other security events occur and the normal business operation of an industrial enterprise is affected, security experts from the HollySys Cyber Security Research Institute are the first responders of your emergency. Their goal is to resume normal production and business operations in the shortest possible time while helping enterprises identify the source of the problem and recovering or reducing their economic losses.After conducting an emergency response, a detailed report is provided that reconstructs the intrusion process and provides a corresponding solution.
In order to help industrial production control systems meet the requirements of the corresponding level of class protection, HollySys Cyber Security Research Institute has launched a rectification service for the Cyber Security Technology — Baseline for Classified Protection of Cybersecurity. Defense in depth (DiD) is the main concept in the technical details of information systems' security design. It extends the technical requirements for each level of the security environment and introduces the idea of "triple protection, one center" — in reference to a protected computing environment, protected area boundary, protected communication network, and a unified security management center.The HollySys Cyber Security Research Institute's quality-assurance compliance rectification service is based on the above technical requirements and the "triple protection, one center" concept; it is designed to meet the requirements of Network Security Level Protection through an analysis of protection gaps; rectification can be implemented on-the-ground with methods certified by the Ministry of Public Security; it offers complete fulfillment of rectification services according to various rectification plans.