An advanced portfolio of leading infrastructure solutions for IT and OT networks. Our solutions include protection for wired and wireless networks and aid in the construct of highly secure indoor, campus, and outdoor networks.
Next-generation AAM aircraft unveiled by Supernal, S-A2
AGEOS Infrastructure Cyber Security White Paper
1. AGEOS Infrastructure Solutions
Avoid Detection - Run Silent, Run Deep
Prepared by
AGEOS.US
david@mestizoent.com
September, 2023
Cyber Security
Solutions Brief
2. 2 | P a g e
Introduction
Most businesses nowadays need a dedicated team of internal technicians and external vendors working
in concert to address the electronic battlespace. Threats exist across the domains of physical,
inter/intranet, extranet and wireless multi-frequency domains. Flat IT networks, firewalls, DMZs and
traditional network constructs are no longer sufficient in any industry. These systems are prone to
breaches and the hackers use various methods often combining them to get access to sensitive data.
Purpose built tools that decrease risk can be implemented although these cross-industry tools carry their
own risks in terms of cyber industry knowledge, service back doors, and specialized configurations that
may be required for operations. These tools, like firewalls today are the eye of the needle for the black-
hat cyber terrorists. Maintaining awareness of the various ways in which the mobile, desktop, and data
systems, the network systems, and the increasing range of IoT systems that can be compromised requires
new thought. Strategically tackling this problem can not only save a company from potential data theft
but can also increase the efficiency and the return on investment of a company.
Cyber security has become indispensable in almost all the major sectors be it private or government-
owned while the costs to industry, to insurers and to individuals have risen exponentially. The last few
years have witnessed an increased reliance on digital data that is mostsensitive which is why the necessity
to protect infrastructure and data has risen proportionately.
AGEOS is a global systems and solutions integration company with locally delivered services available in
157 countries and over 400 major cities. Our consultative approach and best in class product portfolio are
intentionally designed with submarine force secrecy in support of our customers. We select only the most
advanced technologies and craft workable cyber security standards that are unique to our individual
customers industry and business needs. We seek to protect our clients’ digital and physical assets so that
they may conduct their business without having to worry about data breaches and data loss. This white
paper aims to explain how AGEOS differs in the highly competitive landscape of cyber-security solution
providers.
3. 3 | P a g e
Insurability and Exponential Growth in Cyber Crime
Cybersecurity protection is crucial to the effective and efficient operation of all industries and businesses
today. This protection is multi-faceted and consists of systems construct, application use as applied to
corporate mission, chosen technologies, risk recognition/avoidance and insurability. Insurers who provide
policies for individuals and businesses also face cybersecurity risks and have seen exponential growth in
policies and loss related claims.
U.S. domiciled insurers writing cyber coverage reported $2.75 billion in direct written premium in 2020.
Direct written premiums for the 2020 data year increased by 21.7% from the 2019 data year.
To provide perspective, total U.S. domiciled insurers cyber direct written premiums of $2.75 billion
account for only 0.38% of $727 billion of property/casualty (P/C) directwritten premium in the U.S. During
the 2020 calendar year, U.S. domiciled insurers reported a total of a little over four million policies in
force. Policies in force increased by 21.3% from 2019 to 2020, approximately the same percentage
increase insurers saw in premium growth. Average policy cost rose by 0.38%. Policy prices have risen in
2021, and this will likely be reflected in the 2021 data to be reported next year.
The top 20 groups in the cyber insurance market reported direct loss ratios in the range of 24.6% to
114.1%. The loss ratio for 2020 for the top 20 groups averaged 66.9%, up from 44.6% in 2019. It is
important to note that the cybersecurity insurance market is still developing. Therefore, an element of
catastrophe exposure continues to exist.
In 2021, The US Cybersecurity workforce consists of approx. 950,000 people while recruiters report close
to ½ a Million unfilled positions. Faced with a domestic labor shortage, the heads of US cyber defense
forces – the CIO and CISOs at mid to large businesses are seeking to augment their staff with evolving next
generation AI and Machine Learning software and appliances that target the presence of cyber intruders.
Measured as a country, cybercrime whether individual, organized crimegang hacking activities, or nation-
state sponsored has become its own industry. In fact, with damages totaling over $6 trillion globally it
would be the worlds third largest economy after the U.S. and China. This threat and its resultant costs to
business are expected to increase some 15% per year reaching $10.5 Trillion USD annually by 2025 – as
compared to $3 Trillion USD in 2015. Weare witness to the greatest transfer of economic wealth in history
with more costs than those inflicted from natural disasters and exponentially more profitable than the
global trade of all major illegal drugs combined.
The world relies more on technology now than ever before. Digital data creation has taken a huge surge.
Today, many businesses and government organizations all across the globe store a great deal of that data
and transmit it across networks to computers. Devices and their underlying systems have vulnerabilities
that undermine the health and objectives of an organization when they are exploited.
4. 4 | P a g e
AGEOS – A Comprehensive Solutions Portfolio
AGEOS delivers customer – not market specific - Cyber Security solutions that are custom tailored and
designed to “hide” in plain sight. Unlike the losses caused by network switch, firewall and “standards”
based DMZs or roadmaps for hackers working to exploit weak security, we engage and deliver the full
range of simple to complex consulting, point products, and locally powered global support services. Our
“Cyber-Security Solution (CSS)” Framework is designed for your business – not designed from the
perspective of products that we sell as your business and its inside and outside plants are custom tailored
for maximum protection. Based on your needs, our range of products and services to include our
contributions to your specific risk management framework are always supported by our capabilities to
deliver professional services in virtually any market on the planet. Some of these categories areas follows:
● Analytics Driven Risk Management: Protect your L1 network physical infrastructure and avoid the
human costs of on-going audits that are either not performed and/or do not conform to your specific
Risk Management Framework. Instead, let us help you to remove the human cost, automate this
formerly mundane process and comply with or develop custom standards that can be periodic or
dynamic (silent sentinel). Ensure constancy of communications with workflow specific customizable
dashboards.
● Multi-Frequency Risk Mitigation: IoT is everywhere and today represents perhaps the number one
emerging threat to your business. Operating across the domains of Cellular, W-Fi, RFID, and other
frequencies each device and others with open access are open doorways for hackers. A constant
state of readiness is the only way to combat this aerial assault on your business. Our sensors do just
that across all frequencies to include ROV such as drones. They remain on-guard until a trip-wire
causes an alarm to sound giving you immediate notification of recognized threats.
5. 5 | P a g e
● Data Prizm: Firewalls, DMZs and Data Diodes increase security risks and inhibit business operations
especially when support is required for inside and outside plant systems. Business Operations now
require segmentation of Operational Technologies with the capability to continuously collect,
transform, load, submit and alert business level analytics for rapid remediation or response.
● Trip Wire: Servers in all parts of the enterprise communicate with each other and are targets for
cyber-terror. Our Trip-Wire Solution operates in the nano-second rangeand ensures that the packets
sent are packets received with no anomalies. When anomalies are detected or theft of packets in the
data stream are observed, the packets are dissolved resulting in a machine-time encrypted real-time
request to resend and advanced notification.
● Business Network Construct: Alignment of your business workflows and segments is critical in
ensuring the best level of Information Technology and Operational Technology segmentation.
Reducing Cost and Risk is paramount to all businesses and decisions on the technologies to deploy
for risk mitigation is critical. We help you to address critical physical architecture decisions that help
you to better comply with your risk management framework, labor shortages, and costs.
● Global Network Services: No matter where your business is, we are there. We avoid the flying tech
model and for more than 25 years our team has handled some of the most critical transportation
and municipal networks in the world. Our personnel are trusted network experts with US DHS and
DOT approved (some higher) clearances. English is the spoken language in all markets. 157 countries,
more than 400 existing locations – some with 24x7 support requirements.
Individualized CSS (Cyber-Security Standard) - ICSS
Our minimum set of standards for your ICSS is based on Title 10 of the Code of Federal Regulations, Part
73, “Physical Protection of Plants and Materials,” Section 73.54, “Protection of Digital Computer and
Communication Systems and Networks,”. We chose this standard as it requires nuclear licensees to
provide high assurance that digital computer and communication systems and networks are adequately
protected against cyber-attacks, up to and including the design basis threat as described in 10 CFR 73.1.
As required by 10 CFR 73.54 (b)(3) the cyber security program is a component of the physical protection
program. The physical protection and cyber security programs are mutually supportive of the goal of
preventing acts of industrial sabotage while the ICSS is customized to your business needs.
We selected this standard as it supports the protection of plant equipment from unauthorized access by
an un-trusted individual/s. The critical group of the Insider Mitigation Program includes: any individual
who has the combination of electronic access and the administrative control (e.g., “system administrator"
rights) to alter one or more security controls associated with one or more critical digital assets; and any
individual with extensive knowledge of the site-specific cyber defensive strategy.
6. 6 | P a g e
Conclusion
Data security will continue to be a persistent problem which will only increase in scale and become more
and more complex in the upcoming years. Industrial Era Security is replete with point solutions that have
been hobbled together as the technologies evolved. This series of incremental steps has been driven by
purveyors of product selling what is in their tool box versus dedicated solutions personnel who take the
time to learn your business, your business workflows and take a mission approach to align with you and
your business as a partner invested in mission specific security.
AGEOS takes a consultative approach to each engagement and is assessment driven. We partner with our
customers for the long term and continue to seek and develop the best solutions that the global
marketplace has to deliver – custom tailored to your needs and budgetary capabilities.
We look forward to engaging with and servicing your business as we have for others over the past 25+
years.