Computerised control systems play a crucial role in managing energy production and distribution. Others are vital to automating safeguards and overrides that prevent power spikes or serious industrial accidents.
Energy networks are part of the critical national infrastructure – and an obvious point of attack in any cyberwarfare scenario. With online monitoring and IoT playing an increasingly important role in keeping electricity grids and utilities running, hackers have a range of attack surfaces with which to work.
Fidus work with key players in the energy industry to ensure they have the correct IT security controls in place – and to help them identify potential weaknesses that need to be addressed before they are exploited. We provide:
Our highly skilled, fully qualified security consultants will show you what hackers know – and the very real risks they pose to your systems.
As one of the most regulated industries in the country, energy and utilities companies are under constant scrutiny. In the case of the nuclear industry there are multiple levels of scrutiny – and your IT security provisions must measure up.
It’s not just the energy control systems that are at risk from cyberattack either. By making billing systems and account controls available to customers online, sensitive personal information and billing data is also in danger of being stolen.
Fidus provide a wide range of testing services to help you demonstrate compliance – and identify weaknesses that need to be addressed. From energy industry-specific testing, to more generalised GDPR preparedness assessments, we have a service to help you improve defences against hackers.
Penetration testing reveals your most sensitive network vulnerabilities – so you need a partner you can trust. Fidus Information Security are an NCSC CHECK Green Light and TIGER scheme approved consultancy. Our cyber security experts hold some of the most recognised certifications in the industry, including CREST Certified Tester and Senior Security Tester. Fidus is also a Cyber Essentials verified company. Every assessment we perform is carried out according to UK industry approved methodologies (OWASP, PETS, NIST) along with our own internal testing frameworks.
More than just identifying security vulnerabilities, our cyber security experts are on hand to help you fix them too.
Certified Security Consultants
Our CREST and TIGER approved team holds a range of industry-leading security certifications including OSCP, CCT, SST and CISSP.
Easy to Understand Reports
We’ll ensure that your executives and technical teams properly understand our assessment findings using plain-English reporting.
Fixed Price Proposals
The price you’re quoted is the price you’ll pay. Our quotes are broken down into a detailed costing table so you know exactly what to expect.
Other approaches we've witnessed have included convoluted steps and commonly ends with incorrect information being handed to the consultant assigned to the engagement.
Our approach to security involves a qualified security consultant through the entire process to ensure quality, accuracy and consistency.
Exploiting the eRosary Application In this post we’re going to cover a trivial full account takeover vulnerability our team identified within the new eRosary application, whilst placing an order for the watch! The ClickToPray eRosary beads are advertised as ‘an interactive, smart and app-driven device that serves as a tool for learning how to pray […]
In this post, we’re going to detail some of the issues our team identified with the an extremely common Alarm & GPS device used by vulnerable people around the world (at least 10,000+ in the UK). The device in question is manufactured in China and seems to be purchased in bulk by numerous providers who […]