Cookies help us deliver the best experience on our website. By using our website, you agree to our use of cookies Dismiss

Epsco-Ra introduces new cybersecurity assessment method

Cyprus-based cybersecurity specialist Epsco-Ra Security Systems has launched a comprehensive pentest methodology, which quickly and cost-effectively assesses the security posture of a vessel even while it is underway.

Known as RASP (Rapid Attack Simulation PenTest), the process provides a deep dive into an IT infrastructure's critical security measures to test and expose deficiencies. It very quickly highlights critical areas in a vessel’s networks and recommends ways to improve and fix the faults.

Results are normally produced within 24 hours providing full reporting through quantitative scoring, threat matrix, endpoint configuration analysis, firewall and network assessments as well as malware and command and control simulation.

Andreas Ioannou, managing director of Epsco-ra, said: “The beauty of the system is that it is carried out remotely and is based on the observation we have made that people spend a lot of money on pen testing before they have their core controls optimised or are even off their system’s default settings. So, we said let’s test those first and give the whole process a lot of value.”

Executing a RASP is reportedly very straightforward and can be finished in a day if a vessel has good connectivity. This is needed for the network scanning portion of the process.

Mr Ioannou continued: “So when you execute a RASP you download it from us and we work with someone onboard and start to test how well your firewall functions and how well it is configured. We test the anti-virus software to see how up to date and functional it is and then we do a vulnerability assessment scan on the bridge network.

“With all that data we can assess how well the vulnerability management process is doing? How is your configuration management doing? How is your core control configuration doing? And then we wrap that up into a quantitative score and outline where you can improve, what areas you performed well in and areas not so.”

Gideon Lenkey, director of technology at Epsco-Ra, said that what made the process unique was its quantitative approach. “People buy pentests and get a lot of information they don’t necessarily need. It is not so much about unrealistic attack scenarios but how your security controls and processes are performing onboard your ship that matters. It is also remotely actioned which is a big selling factor.”

Joomla SEF URLs by Artio

Login/Register

Register or Login to view even more of our content. Basic registration is free.

Register now

Digital Ship magazine provides the latest information about maritime satellite communications technology, software systems, navigation technology, computer networks, data management and TMSA. It is published ten times a year.

 

Address:
Digital Ship Ltd
Digital Ship - Digital Energy Journal
39-41 North Road
London
N7 9DP
United Kingdom

Copyright © 2020 Digital Ship Ltd. All rights reserved           Cookie Policy         Privacy Policy

x