Methodology

We’re a cybersecurity company. To implement cybersecurity effectively, Block Harbor utilizes a methodology tailored around the cyber-physical systems we protect. Without a methodology, our customers spend money without any strategy. As in information security, we want to follow a NIST approach to securing a system:

Identify: Know what our customer needs to protect. Then, seek to understand the risk posed to each of those assets by threat actors.

Protect: Stand up specific protections for risks posed by threat actors to specific assets.

Detect: A system is never 100% secure. We make sure our customers are prepared to detect incidents if an attacker gets in.

Respond: The impact of a cyber incident is highly dependent on preparedness. We insist that our customers are prepared and exercised in cyber response.

Recover: If a cyber-attack happens, our number one priority is getting our customer back online and secured from a repeat cyber-attack.

For more information on the NIST Cybersecurity Framework, visit https://www.nist.gov/cyberframework.

Block Harbor goes beyond well-practiced cybersecurity to ensure cyber-physical security. A key part of that lies in understanding the different threats to cyber-physical systems. Whereas a threat actor for data security might be someone looking for financial gain through holding a system for ransom, a cyber-physical system faces a threat actor that will seek to hurt somebody. This threat actor will likely be state-sponsored, with time, money, and skills at their disposal. We denote these actors as “Advanced Persistent Threats” (APTs). To frame our efforts around securing against APTs, we borrow a well-maintained framework from MITRE: Adversarial Tactics, Techniques, & Common Knowledge (ATT&CK). For more information on MITRE ATT&CK, visit https://attack.mitre.org/. Importantly, the MITRE ATT&CK framework assists with the following areas:

· Adversary Emulation

· Red Teaming

· Behavior Analytics Development

· Defensive Gap Assessment

· SOC Maturity Assessment

· Cyber Threat Intelligence Enrichment

Using these frameworks alongside the security mindset enables our team to succeed at keeping our customers safe. The security mindset is the ability to look at a system for how it might be abused rather than used.