Operational technology companies such as those in the energy sector are required to harden cybersecurity without operational lapses or downtime.

As part of its adoption and implementation of Singapore’s Cybersecurity Act, which maintains national cybersecurity  and protects organizations against online attacks, power company PacificLight has recently conducted a comprehensive vulnerability assessment of its critical networks.

This step aims to ensure the continuity and sustainability of operations and systems of the power generator and retailer, which is capable of powering over 1,000,000 households in the country.

Working with cybersecurity company Kaspersky, PacificLight’s most critical infrastructure segments were examined via a non-intrusive Industrial CyberSecurity (ICS) Assessment program. Experts also emulated specific attack vectors, identifying possible vulnerabilities and scanned for malicious activities and anomalies.

At the end of the industrial cybersecurity assessment, PacificLight was able to gain a better understanding of the nature of virtual threats as well as an actionable plan for cybersecurity improvement.

Said Stephen Lo, Deputy General Manager (Infocomm Technology), PacificLight: “In a climate of increasing cybersecurity threats, PacificLight is committed to adopting best-in-class practices for data security when developing its systems. The implementation of secure and robust IT systems means that PacificLight has an advanced cybersecurity rating within the energy sector.”

The Vulnerability Assessment fulfilled the following objectives:

  • Identification of potential security flaws in the IT and ICS infrastructure
  • Assessment of the degree and severity of vulnerabilities, as well as their possible impact
  • Provision of recommendations to address the detected vulnerabilities

According to PacificLight’s CEO Yu Tat Ming CEO: “The assessment gives us greater assurance that we are upholding internationally-recognized standards of cybersecurity and excellence. By undertaking the exercise and learning from the Kaspersky team’s knowledge, we have increased our protection against cybersecurity threats.”

The Kaspersky Industrial CyberSecurity Assessment does not affect the operational continuity or consistency of the industrial processes. Their experts have the experience to provide industrial cybersecurity services and offer brings consultations at any stage of the customer’s OT security process.