Submarkets
- Critical Infrastructure
- Energy / Utilities
- Water Management
- Process Industry
- Operational Technology
- Marine and Offshore
Industrial
Red Teaming in OT
Next to Red Teaming in IT, we also perform Red Teaming in OT
Covering all aspects
All expertise inhouse, assessing OT from A to Z
Years of experience
Experience in wide variety of OT globally
Industrial infrastructure is of vital importance to our society. Whether you are an energy company, an oil & gas distributer, a water management organization, a chemical plant or a railway operator: critical processes are usually managed through (potentially vulnerable) operational technology (OT) and information technology (IT) systems.
In industrial infrastructure “safety first!” is of utmost importance. At Secura we tend to say: “no safety without security”, because today, most critical infrastructure systems are controlled through IT and OT systems.
Digital security is of increasing importance, as more and more OT systems are connected and controlled through IT systems. Think for instance of smart meters, smart grid, and industry 4.0 (IIot). All these systems and sensors need to be protected in order to control them properly.
Moreover, cybercrime is growing: also in the world of critical infrastructure. Nation states used cybercrime to sabotage critical infra, like the energy production (in Ukraine) or oil production (in Saudi Arabia).
Regulators see the need for better security in the world of critical infrastructure.
- In Europe the Network and Information Security (NIS) directive was adopted by the EU parliament in 2016 and converted to law in most European Countries in 2018.
- This is complimented with ENISA guidelines and the IEC 62443 standard.
- In the USA several guidelines and standards in the domain of OT and ICS SCADA were released by NIST, NERC and DHS.
How to secure the industrial domain?
People
Security is a matter of People, Process and Technology. Recent large cases of phishing and social engineering are proof that even established organizations that take IT security seriously, have to face the reality that the human factor needs to be addressed continuously. Employees have access to important data, exchange important files, and even though they might have the knowledge and be aware of security aspects, however to get them to behave accordingly requires a comprehensive security awareness & program (which includes an ICS/OT module).
Process
From a process perspective, operational systems can be fully assessed from head to tail through an OT Site Assessment, or do the NIS / WBNI Compliance check.
Technology
Within critical infrastructure, potential vulnerabilities within OT systems could lead to impactful catastrophes. Even with reputable SIEM/SOCs in place, these systems can’t be blindly trusted. Next to Red Teaming in IT, Secura also performs Red Teaming in Operational Technology domain and tests to what extent SIEM/SOC solutions actually protect against attacks.
Fact sheets
Industrial Services Overview
Overview of our services for energy, water management, process industry and more.
Download fact sheet file_download
Cybersecurity in Renewables
Overview of our services within the renewable energy industry.
Download fact sheet file_downloadContact Remco
Do you have a question about Critical Infrastructure / Energy / Utilities / Water Management?
Email Remco keyboard_arrow_right
