Services

OT Security

What you need to know?
We help you to get the most out of your security budget and resources

The Best Solution For Your Security

Organisational and technical security controls are intended to safeguard against various types of cyberattacks and misuse of assets – including DDoS attacks, mass malware, and targeted ransomware attacks.

The challenge from a security standpoint therefore includes a networked OT infrastructure comprising of highly modern systems alongside 20-30 year old machines. While attackers have so far focused on office IT, it is reasonable to expect that attacks will also be conducted via OT in the future. In any scenario, systematic management for OT security risks is advised.

Our provider directory - are you already part of it?

Our customers can receive offers from the following providers - and all others

Offer comparison of solutions incl. service for OT monitoring at a gas network operator

System For Central Attack Detection

Project example: OT Monitoring

1.

Comparison of solutions incl. service in implementation and operation includes a large number of dedicated regional and global providers.

2.

The relevant requirements were defined together with the customer and potential partners were identified as a result of market research.

3.

Following an initial comparison that included indicative prices on a defined scope for the price point to ensure comparability, a short list of three suppliers was selected d from the long list.

4.

The top 3 vendors were each invited to a PoC to test the effectiveness of the solution in the customer environment as well as to determine the final bid price.

5.

We accompanied and prepared the final decision and the start with the final partner till the decision was made.

these are 12 building blocks for OT Security

From Our Perspective

1.

Organisation

Operator is in charge (work management), and there are local contacts

2.

Prioritisation

Risk-based approach based on maximum damage, sensitive data

3.

Inventory

Machine-related assets, ideally in a database (CMDB)

4.

Segmentation

Horizontal (OT – IT with DMZ) and vertical by lines, facilities – NIST reference architecture

5.

Endpoint/Malware Protection

Also, partially possible with legacy systems, scan stick, data locks

6.

Vulnerability Management

Patches in OT are not or hardly possible, focus on systems with access from outside

7.

Employee Awareness

Dedicated OT campaigns to highlight risks as well as proprietary formats

8.

Backups

For larger OT backup tools, processes to create backups after changes

9.

Emergency Concept

Scenarios from single machine failure to all systems with IP address

10.

OT Remote Access

Today, it is necessary, but it is complex to implement. Access restriction, internal enabling, roles/rights, and scheduling are all options

11.

Purchasing Guidelines

Already in specifications, acceptance criteria, demand transparency

12.

Anomaly Detection

Network-based, useful for stable processes, and cost-benefit analysis is crucial

What our customers have to say about us

It's the Result That Counts

We keep you up-to-date with our whitepapers

Our Whitepaper

OT Security Programs
In this whitepaper, we outline the measures that need to be taken for the systematic management of OT security and what actions can be taken to protect the OT.
Download
Book an appointment to get a free offer comparison, specifically for your case.

Nehal Thakore
Bosch CyberCompare Country Head UK

+44 1895 838 918
  nehal.thakore@uk.bosch.com