Services

OT Security

What you need to know?

We help you to get the most out of your security budget and resources

The Best Solution For Your Security

Organisational and technical security controls are intended to safeguard against various types of cyberattacks and misuse of assets – including DDoS attacks, mass malware, and targeted ransomware attacks.

The challenge from a security standpoint therefore includes a networked OT infrastructure comprising of highly modern systems alongside 20-30 year old machines. While attackers have so far focused on office IT, it is reasonable to expect that attacks will also be conducted via OT in the future. In any scenario, systematic management for OT security risks is advised.

Our provider directory - are you already part of it?

Our customers can receive offers from the following providers - and all others

Offer comparison of solutions incl. service for OT monitoring at a gas network operator

System For Central Attack Detection

Project example: OT Monitoring

1.

Comparison of solutions incl. service in implementation and operation includes a large number of dedicated regional and global providers.

2.

The relevant requirements were defined together with the customer and potential partners were identified as a result of market research.

3.

Following an initial comparison that included indicative prices on a defined scope for the price point to ensure comparability, a short list of three suppliers was selected d from the long list.

4.

The top 3 vendors were each invited to a PoC to test the effectiveness of the solution in the customer environment as well as to determine the final bid price.

5.

We accompanied and prepared the final decision and the start with the final partner till the decision was made.

these are 12 building blocks for OT Security

From Our Perspective

1.

Organisation

Operator is in charge (work management), and there are local contacts

2.

Prioritisation

Risk-based approach based on maximum damage, sensitive data

3.

Inventory

Machine-related assets, ideally in a database (CMDB)

4.

Segmentation

Horizontal (OT – IT with DMZ) and vertical by lines, facilities – NIST reference architecture

5.

Endpoint/Malware Protection

Also, partially possible with legacy systems, scan stick, data locks

6.

Vulnerability Management

Patches in OT are not or hardly possible, focus on systems with access from outside

7.

Employee Awareness

Dedicated OT campaigns to highlight risks as well as proprietary formats

8.

Backups

For larger OT backup tools, processes to create backups after changes

9.

Emergency Concept

Scenarios from single machine failure to all systems with IP address

10.

OT Remote Access

Today, it is necessary, but it is complex to implement. Access restriction, internal enabling, roles/rights, and scheduling are all options

11.

Purchasing Guidelines

Already in specifications, acceptance criteria, demand transparency

12.

Anomaly Detection

Network-based, useful for stable processes, and cost-benefit analysis is crucial

What our customers have to say about us

It's the Result That Counts

I am actually very satisfied – I appreciate the complicated context and have confidence in the team after several joint projects. The problems will be resolved as expected. The results are excellent, and I can even use the slides directly, 1:1, for internal communication and coordination. Of course, we also buy expertise – we would be unable to handle these procurement projects on top of our regular business.

Thanks a ton. Got the feedback from the partner that the work you did was top!

CyberCompare did an excellent job of introducing us to incident response and emergency management. We are very satisfied with the cooperation and are very grateful for the help in selecting a service provider to carry out the next steps.

Today we had the final workshop of the PoV with X. Despite initial difficulties with X, we were able to come to a technical decision today after 1 week – pro X. […] I think your good preliminary work was again positively confirmed today in the test, me and the colleagues think that the right solution has been selected here. Therefore, thanks again to you and Bosch CyberCompare.

We are very grateful for the cooperation. When choosing a service provider from our “Top 3” list, we relied on CyberCompare’s recommendation.

This is great. Thank you for the brilliant evaluation.

CyberCompare accompanied us during the implementation of XDR/MDR and the project was an absolute success. As a company, we would like to repeat that, which is why we are looking forward to working with them on a SOC/SIEM project.

Great praise to CyberCompare for the speedy preparation and structuring of the report, which brings significant added value to all parties involved.

The results that CyberCompare has delivered to our purchasing department are great. Also in the future we will rely on the support of CyberCompare for further projects.

Our Whitepaper

OT Security Programs

In this whitepaper, we outline the measures that need to be taken for the systematic management of OT security and what actions can be taken to protect the OT.

Download

Book an appointment to get a free offer comparison, specifically for your case.

Nehal Thakore
Bosch CyberCompare Country Head UK

+44 1895 838 918
nehal.thakore@uk.bosch.com