Industrial control risk based assessments

With the increase of cybersecurity incidents to industrial production systems, the need for risk assessments in order to defend them is critical.

The differences between Information Technology (IT) and Operation Technology (OT) means that poor results are often obtained when applying traditional IT security standards to your Industrial Control Systems (ICS).

We have developed a risk-based assessment methodology from a collection of industrial cybersecurity best practices and most used standards. This methodology addresses thespecific requirements of OT systems, without losing track on the IT systems they link to.

The risk assessment is particularly important in physical production sites, where threats like ransomware or DDos are increasing.

Our methodology covers a range of OT systems in areas including:

• System modeling: we break down your industrial control systems into smaller logic areas, so we can accurately assess them
• System monitoring and logging: our methodology analyses traffic, identifying relevant packets in SCADA protocols and detecting anomalies
• Network segregation: we provide channels to test segregation between IT and OT networks
• Threat analysis: the threats for acompanies industrial control system are different  to those in IT systems. Our methodology takes these differences into account, and provides a throrough threats analysisresulting in a fully encompassing risk assessment
• Remediation: we recommend controls that will protect your network, without affecting your control systems performance