We use a bespoke methodology that is systematic and specific to Operational Technology (industrial cyber security/SCADA) and the ever-evolving threat of attack.
Our integrated and holistic approach encompasses the full threat life cycle of industrial cyber security.
Assess & Define
- Site survey and asset inventorying
- Technical vulnerability assessment & security testing (pen-testing) and industrial cyber security red teaming.
- Threat and risk assessment
- Health check, gap analysis and maturity assessments, benchmarked to leading industrial cyber security standards.
Design & Implement
- Establishment of cyber security requirement specifications
- Design of security architecture
- Security zone and conduit modelling constructs
- Design of infrastructure layouts and security platforms
- Design of implementation plans and transition-state architectures
- Test plan (FAT and SAT) development & execution
Operate & Maintain
- Security monitoring managed services
- Development of cyber security management systems
- Incident response managed services
- Vulnerability / patch management managed services
- Cyber forensics
- Audit and compliance assessments
- Device robustness testing and assurance
Training & Awareness
- Certified Industrial Cyber Security Specialist (CICSS) course
- Onsite tailored, organisation-wide training
- Incident simulations and drill facilitation
- Red vs Blue team events