Services

OT Security

What you need to know?
We help you to get the most out of your security budget and resources

The Best Solution For Your Security

Organisational and technical security controls are intended to safeguard against various types of cyberattacks and misuse of assets – including DDoS attacks, mass malware, and targeted ransomware attacks.

The challenge from a security standpoint therefore includes a networked OT infrastructure comprising of highly modern systems alongside 20-30 year old machines. While attackers have so far focused on office IT, it is reasonable to expect that attacks will also be conducted via OT in the future. In any scenario, systematic management for OT security risks is advised.

Simple. Clear. Affordable.

How A Typical OT Project With Us Looks Like

Comparison

Comparison of solutions incl. service in implementation and operation includes a large number of dedicated regional and global providers.

Requirements & Market Research

The relevant requirements were defined together with the customer and potential partners were identified as a result of market research.

Top-3 Providers

Following an initial comparison that included indicative prices on a defined scope for the price point to ensure comparability, a short list of three providers was selected from the long list.

Proof Of Concept

The top 3 providers were each invited to a PoC to test the effectiveness of the solution in the customer environment as well as to determine the final bid price.

Final Decision

We accompanied and prepared the final decision and the start with the final partner till the decision was made.

these are 12 building blocks for OT Security

From Our Perspective

1.

Organisation

Operator is in charge (work management), and there are local contacts

2.

Prioritisation

Risk-based approach based on maximum damage, sensitive data

3.

Inventory

Machine-related assets, ideally in a database (CMDB)

4.

Segmentation

Horizontal (OT – IT with DMZ) and vertical by lines, facilities – NIST reference architecture

5.

Endpoint/Malware Protection

Also, partially possible with legacy systems, scan stick, data locks

6.

Vulnerability Management

Patches in OT are not or hardly possible, focus on systems with access from outside

7.

Employee Awareness

Dedicated OT campaigns to highlight risks as well as proprietary formats

8.

Backups

For larger OT backup tools, processes to create backups after changes

9.

Emergency Concept

Scenarios from single machine failure to all systems with IP address

10.

OT Remote Access

Today, it is necessary, but it is complex to implement. Access restriction, internal enabling, roles/rights, and scheduling are all options

11.

Purchasing Guidelines

Already in specifications, acceptance criteria, demand transparency

12.

Anomaly Detection

Network-based, useful for stable processes, and cost-benefit analysis is crucial

What our customers have to say about us

It's the Result That Counts

WHITEPAPER

OT security programs: what you need to know

Organizational and technical security checks are intended to protect plants against various types of cyber attack and abuse of assets, especially DoS attacks, mass malware and targeted ransomware attacks.

From a security perspective, the challenge lies in having a networked OT infrastructure of ultramodern systems running alongside machines that are 20 to 30 years old. While attackers have so far concentrated their efforts on office IT, we can assume that in future they will target OT as well. In any case, systematic management of OT security risks is highly recommended.

This Whitepaper will outline what is necessary and what actions can be taken to protect the operational technology.

Whitepaper Cover
Get in Touch With Us

Simeon Mussler
COO CyberCompare

+49 (0)711 811-91494
  cybercompare@bosch.com