Services
OT Security
We help you to get the most out of your security budget and resources
The Best Solution For Your Security
Organisational and technical security controls are intended to safeguard against various types of cyberattacks and misuse of assets – including DDoS attacks, mass malware, and targeted ransomware attacks.
The challenge from a security standpoint therefore includes a networked OT infrastructure comprising of highly modern systems alongside 20-30 year old machines. While attackers have so far focused on office IT, it is reasonable to expect that attacks will also be conducted via OT in the future. In any scenario, systematic management for OT security risks is advised.
Simple. Clear. Affordable.
How A Typical OT Project With Us Looks Like
Comparison
Comparison of solutions incl. service in implementation and operation includes a large number of dedicated regional and global providers.
Requirements & Market Research
The relevant requirements were defined together with the customer and potential partners were identified as a result of market research.
Top-3 Providers
Following an initial comparison that included indicative prices on a defined scope for the price point to ensure comparability, a short list of three providers was selected from the long list.
Proof Of Concept
The top 3 providers were each invited to a PoC to test the effectiveness of the solution in the customer environment as well as to determine the final bid price.
Final Decision
We accompanied and prepared the final decision and the start with the final partner till the decision was made.
these are 12 building blocks for OT Security
From Our Perspective
1.
Organisation
Operator is in charge (work management), and there are local contacts
2.
Prioritisation
Risk-based approach based on maximum damage, sensitive data
3.
Inventory
Machine-related assets, ideally in a database (CMDB)
4.
Segmentation
Horizontal (OT – IT with DMZ) and vertical by lines, facilities – NIST reference architecture
5.
Endpoint/Malware Protection
Also, partially possible with legacy systems, scan stick, data locks
6.
Vulnerability Management
Patches in OT are not or hardly possible, focus on systems with access from outside
7.
Employee Awareness
Dedicated OT campaigns to highlight risks as well as proprietary formats
8.
Backups
For larger OT backup tools, processes to create backups after changes
9.
Emergency Concept
Scenarios from single machine failure to all systems with IP address
10.
OT Remote Access
Today, it is necessary, but it is complex to implement. Access restriction, internal enabling, roles/rights, and scheduling are all options
11.
Purchasing Guidelines
Already in specifications, acceptance criteria, demand transparency
12.
Anomaly Detection
Network-based, useful for stable processes, and cost-benefit analysis is crucial
What our customers have to say about us
It's the Result That Counts
WHITEPAPER
OT security programs: what you need to know
Organizational and technical security checks are intended to protect plants against various types of cyber attack and abuse of assets, especially DoS attacks, mass malware and targeted ransomware attacks.
From a security perspective, the challenge lies in having a networked OT infrastructure of ultramodern systems running alongside machines that are 20 to 30 years old. While attackers have so far concentrated their efforts on office IT, we can assume that in future they will target OT as well. In any case, systematic management of OT security risks is highly recommended.
This Whitepaper will outline what is necessary and what actions can be taken to protect the operational technology.
Get in Touch With Us
Simeon Mussler
COO CyberCompare