Cassidian CyberSecurity, a reference player for high-end cyber solutions and services focused on defense, governments, national infrastructure and critical industry throughout the Middle East, conducted recently the first demonstration of an integrated offer dedicated to protecting oil and gas industrial processes from the threat of cyber crime. Nation Shield got an exclusive opportunity to interview Hervé Guillou, CEO of Cassidian CyberSecurity at the first ‘Cyber Security Forum for Energy and Utilities’ held in Abu Dhabi.

The Middle East is a major client for you. Why do you think this region is susceptible to cyber attacks? And also in which sectors?

We are witnessing more and more sophisticated attacks on government and industrial assets. Just recently we saw reports that gas pipelines in the USA have been subjected to an ongoing coordinated cyber attack by unknown hackers. Utilities and entities in the Middle East are just as vulnerable to a crippling, sustained cyber attack with potentially wide ranging economic consequences for the region. I would like to say the Middle East is just as equally susceptible to cyber threats like US, Germany or France. Energy utilities are under enormous threat from cyber attacks, and this particularly means oil and gas entities. Middle East is a rich source of oil and gas supplies and that is a high threat area. This is why Cassidian CyberSecurity today presented a new integrated offer, capable of defending and monitoring industrial control systems used in the oil and gas industries.

Cassidian CyberSecurity, is entirely devoted to addressing the fast-growing cyber security market across Europe and Middle East. Was there any specific reason to create such a dedicated agency?

Yes, absolutely. There are mainly 3 reasons.

The first one is trust. If you want to have the trust of governments in this very sensitive domain, where you have to know a lot of critical information from the governments then you have to have a very clear, mature, highly specialized platform to offer. So the government of the critical customer, for example in the case of Abu Dhabi National Oil company, knows who they are dealing with precisely so the company can be certified and get authorizations easily. It is very important for companies to know who they are dealing with on absolute terms.

The second reason is that we are developing the cyber security offer far beyond the usual reach of our Cassidian offer which was mainly government. Now, 80 per cent of our new market will be in critical national infrastructure or critical industry updated by the private sector. So we needed a different set of criteria, to be able to address this new market with the right focus.

The third reason even though not obvious at the moment is recruitment. The very best of IT sector will not be willing to join a company which deals mainly with other products. In an organisation having a different primary business, those in the IT will be treated as second grade only. This is a situation which will not go well with the best in the IT field. To recruit and retain the best professionals in the cyber security area, Cassidian came up with “Cassidian CyberSecurity “. Here the talented professionals in the cyber security area can feel the intellectual challenge being within the community and feel that they will have a future and competitive career prospects. It is the same for external groups who are located here and there, who are the solid bricks of technology. They would not like to be swallowed by bigger organisations where the main focus is not technology. They treat us as worthy opponents and many of them are ready to join our club.

Have you met with any major successes in the three launch countries of France, Germany and the United Kingdom so far?

Yes, we have had many successes in our launch countries but we cannot say too many things officially. We are a major partner of UK Government in the field of cryptography. We have recently won the contract to renew all the high grade cryptography of UK. We are also very strong in the field of security operations, almost 5 years in UK and are also partnering with France. We are delivering some very critical products to this country too. There was one press announcement recently in US that we are now certified top secret. Very few companies that can claim that they are certified “Top Secret” in US.

What are the key components of Cassidian CyberSecurity's portfolio?

Cassidian CyberSecurity's portfolio of products and services is built upon three pillars:

• 
  Cyber Defense & Professional Services aimed at providing high-level professional services such as attack analysis and response, risk management, audits of security infrastructure architectures and implementing operation centers dedicated to security supervision of SCADA and IT systems.


• 
  Trusted Infrastructure for implementing national and European high-security trusted solutions and developing technologies like. cryptography, digital identity management in accordance with regulatory and national sovereignty requirements of our customers .


• 
  Secure Mobility to provide next generation security products and services for industry and governments in the form of mobile equipment (voice, data, applications) and deployable communication nodes.

What are the key features of your integrated solution to protect gas and oil industrial processes that you presented at the "Cyber Security Forum for Energy and Utilities" in Abu Dhabi?

Cassidian conducted extensive research into the challenges of securing Industrial Control Systems against attacks and compromise that would target critical energy plants, water and electricity distribution, or similar vital assets. The best defense for any Industrial Control System is to design an overall security architecture that provides defense in depth across the different components. What is more difficult to identify is an approach that enables necessary defenses without creating additional risks for the architecture and operating procedures. Therefore Cassidian CyberSecurity developed a complete approach which provides a whole-life solution and integrates the best solutions into a single package.

The package which Cassidian CyberSecurity offers consists of four countermeasures:

1/ The use of a toolset to perform a formal risk assessment of Industrial Control Systems ( ICS) assets. This enables an identification of the appropriate defenses and a documented justification for their use.

2/ The use of Firewall/Intrusion Detection technology specifically designed for use in ICS environments.

3/ The integration of the outputs of this solution into a Security Information & Event Monitoring System (SIEM). This enables the existing Security Operations Centre team to monitor and defend the organization’s data and Industrial Control System networks.

4/ The use of whitelisting technology to defend the IT systems that comprise the control and reporting elements of Industrial Control Systems. This prevents the infection or corruption of existing files attempting to damage or compromise systems.

You are creating a cyber training centre. Do you plan to offer advanced training in cyber security for people from the UAE and other countries in the Middle East?

In partnership with Khalifa University and Emiraje Systems L.L.C., Cassidian has established the Cyber Operations Centre of Excellence located at Khalifa University in 2011. This is just a starting point. We would like to develop a progressive flow of students and engineers who are specialists in this domain. We are providing training and expertise to customers. We are ready to share our expertise, because awareness and training are the first step to counter threats. If people are not aware of threat, protecting them becomes more difficult.