Adobe Stock 143375484


Red Teaming in OT

Next to Red Teaming in IT, we also perform Red Teaming in OT

Covering all aspects

All expertise inhouse, assessing OT from A to Z

Years of experience

Experience in wide variety of OT globally

Industrial infrastructure is of vital importance to our society. Whether you are an energy company, an oil & gas distributer, a water management organization, a chemical plant or a railway operator: critical processes are usually managed through (potentially vulnerable) operational technology (OT) and information technology (IT) systems.

In industrial infrastructure “safety first!” is of utmost importance. At Secura we tend to say: “no safety without security”, because today, most critical infrastructure systems are controlled through IT and OT systems.

Digital security is of increasing importance, as more and more OT systems are connected and controlled through IT systems. Think for instance of smart meters, smart grid, and industry 4.0 (IIot). All these systems and sensors need to be protected in order to control them properly.

Moreover, cybercrime is growing: also in the world of critical infrastructure. Nation states used cybercrime to sabotage critical infra, like the energy production (in Ukraine) or oil production (in Saudi Arabia).

Regulators see the need for better security in the world of critical infrastructure.

  • In Europe the Network and Information Security (NIS) directive was adopted by the EU parliament in 2016 and converted to law in most European Countries in 2018. Its successor NIS2 will come into force in 2024.
  • This is complimented with ENISA guidelines and the IEC 62443 standard.
  • In the USA several guidelines and standards in the domain of OT and ICS SCADA were released by NIST, NERC and DHS.

How to secure the industrial domain?

OT Cybersecurity Fundamentals


Security is a matter of People, Process and Technology. Recent large cases of phishing and social engineering are proof that even established organizations that take IT security seriously, have to face the reality that the human factor needs to be addressed continuously. Employees have access to important data, exchange important files, and even though they might have the knowledge and be aware of security aspects, however to get them to behave accordingly requires a comprehensive security awareness program (which includes an ICS/OT module).

Adobe Stock 164825723


From a process perspective, operational systems can be fully assessed from head to tail through an OT Site Assessment, or do the NIS / WBNI Compliance check.

Adobe Stock 192261204


Within critical infrastructure, potential vulnerabilities within OT systems could lead to impactful catastrophes. Even with reputable SIEM/SOCs in place, these systems can’t be blindly trusted. Next to Red Teaming in IT, Secura also performs Red Teaming in Operational Technology domain and tests to what extent SIEM/SOC solutions actually protect against attacks.

Deep dive - Offshore Wind

Cyber criminals are increasingly targeting offshore wind assets for their cyber attacks. What are best practices for offshore wind companies to stay on top of the latest vulnerabilities? Watch the replay of the webinar: "Raising Your Cyber Resilience in Offshore Wind".

Fact sheets

Industrial Services Overview

Overview of our services for energy, water management, process industry and more.

Download fact sheet file_download
Cybersecurity in Renewables

Overview of our services within the renewable energy industry.

Download fact sheet file_download

Contact Remco

Do you have a question about Critical Infrastructure / Energy / Utilities / Water Management?

Email Remco keyboard_arrow_right
Remco Huisman Senior Account Manager call +31 (0) 88 888 31 00