PAS Solutions for Operational Technology / Industrial Control Systems

As part of Hexagon US Federal, PAS provides world-class software, services, and expertise to help industrial organizations ensure operational technology resilience, including cybersecurity and automation.

Solutions

PAS provides solutions with actionable insights for operators, engineers, analysts, and decision-makers. We provide multiple integration methods to integrate with software solutions you already have.

Service Delivery & Support

PAS Project Operations delivers implementation services to clients, including software deployment and systems integration for PAS software as well as consulting services in OT/ICS, including:

• ICS inventory discovery/management
• Vulnerability management
• Configuration baseline and policy enforcement
• Patch management
• Compliance management
• Backup and recovery
• Forensics

The PAS Product Support Program (PSP) and PSP Plus provide technical and operational expertise 24 hours a day, seven days per week to help customers effectively optimize PAS software. PAS service delivery and support includes assisting customers with the design, implementation, and maintenance of computer software for monitoring, displaying, controlling, configuring, maintaining, and operating automated installations, equipment and predefined graphics and object libraries for use in control systems in industrial applications. In addition, PAS University provides training options for PAS solutions and industry best practices online, virtually and at PAS offices or client sites.

OT Cybersecurity Services

Defining the level of ICS risk exposure is vital to baseline systems as well as to identify and prioritize gaps, leveraging industry or regulatory standards and best practices. Hexagon offers a range of advisory services to assist you, regardless of the maturity and capabilities of your current OT/ICS cybersecurity program.

• Policy Review and Development: Review current documentation and provide an evaluation against one or more industry standards and frameworks (e.g., ISA/IEC 62443, NIST 800, DOE, DHS, European NIS Directive). This service also includes recommendations for improvements to documentation to increase confidence in meeting security compliance audits.
• Security Maturity Assessment: Review 10 security domains and provide an assessment on the organization’s current security posture. This service helps gain the fastest overall understanding of the current OT/ICS state.
• OT Cyber Integrity Evil Hunter: Patch and Vulnerability Add-on: Analyze current capabilities in-depth for asset inventory, vulnerability management, patch management and configuration management.
• OT Cybersecurity Threat, Evasion, Response and Tactical Training: Understand the current threat landscape, walk-through key threat vectors, get guidance on how to establish an incident response plan and the importance of testing this plan, and learn how to put in place foundational security controls.
• Governance, Risk, and Compliance Assessments: Conduct a detailed risk assessment based on ISO, NIST, ISA/IEC, NERC CIP, DOE, DHS, CFATS and SANS frameworks and standards. Includes performing a risk workshop with independent verification (following IIA and ISACA audit requirements) that security controls are in place and effective, an architecture review and incident response plan review.
• Security Strategy, Roadmap, and OT/IT Convergence: Get assistance with developing your OT/IT security strategy and a detailed roadmap to execute that strategy.
• Internal Controls Development: Get assistance with developing internal controls leveraging industry frameworks and develop skills to implement and assess controls