Industrial Security OT

Industrial Cyber Security: Operational Technology (OT)

Our services for more Cyber Security of operating technology

Industrial assets are of vital importance to our society. They embed more and more software and connectivity into their core, but this makes them increasingly vulnerable to hostile or accidental security breaches. Our services help asset owners and operators assess and mitigate risks associated with their industrial systems—loss of availability, integrity and/or confidentiality—while ensuring efficient operations.

Context

Safety, reliability and availability are key in industrial organizations. This is put at serious risk today with the connectivity explosion of industrial (OT) systems (PLCs, ICS SCADA). All systems, sensors and networks must be assessed and protected from cyber attacks.

For these reasons, regulators see clearly the need for better security in the world of industrial organizations. The European Union parliament adopted the Network and Information Security (NIS) directive in 2016 and converted it to law in most EU nations in 2018. This is complemented by ENISA guidelines and by the IEC 62443 standard. In the US, several OT and ICS SCADA guidelines and standards were released by NIST, NERC and DHS.

OUR SERVICES FOR PEOPLE, PROCESS AND TECHNOLOGY

Ausbildung, Praktika & Werkstudententätigkeit

People

Security Awareness and Behavior (SAFE including an OT e-learning module)

Phishing tests

Social Engineering

Training Courses: ICS/SCADA Security and hands-on training

Secure Software Development Lifecycle (SSDLC)

PROCESS

Kundenspezifische Audits

IT/OT Security Maturity Review including building roadmaps

NIS / WBNI Compliance Review and Assessment

IT/OT Risk/Site Assessment – Security Roadmap against relevant standards (IEC 62443 & others)

Design Review / Threat Modeling / Code Review

Elaboration of OT Governance (strategies, policies and processes)

Elaboration of Incident Response Planning

Business Continuity Planning

Support in building OT cyber security teams and a cyber-ready governance structures

Vendor (3rd party) Review/Assessments

Maritime security assessment and classification

7layers

Technology

Threat Modeling, Design/Capabilities Review, Configuration Review, Code Review

Red Teaming in IT/OT environments

IT/OT Vulnerability Assessments (penetration testing, robustness testing)

 

ADDITIONAL SERVICES

Discover our Information Security Management System (ISMS) Certifications for a holistic protection of your company data.

YOU WERE NOT ABLE TO FIND THE RIGHT SERVICE?

Find more services in the Solution Finder or send us your message