Are you looking for more resilience to cyberattacks?

We make you more resilient to cyber attacks and ensure secure operation of your automation and control solutions.

The ever-growing threats from cyberspace are becoming increasingly targeted towards operational technology (OT) in the field of automation and control solutions. Greater interconnectedness and standardisation of these systems allow hackers to carry out attacks that are easier to execute, require less resources and are more comprehensive than ever before.

After thoroughly identifying the risks and vulnerabilities in your operational environment as well as assessing your requirements, we will provide you with a catalogue of remediation measures and prioritise areas or processes in which there is a need for action. For example, the impact of new interfaces can be evaluated, the effectiveness of typical processes such as change, patch and vulnerability management can be assessed, or general technical weaknesses can be identified for consideration as part of a risk assessment. This way we are able to support you on your way to reducing your security risks to an acceptable level on the long run.

More resilience to cyberattacks

Meeting regulatory requirements

Secure operation of automation and control solution

|

Goals / Benefits

Enabling a secure Industry 4.0

Cyber security is an essential factor in the implementation of Industry 4.0. The objectives of the relevant concepts must be independently tested and verified.

Analyzing the Attack Surface

Many OT components do not have functions regarding cyber security. An OT solution pentest checks the effectiveness of the mitigation measures, of which controlled access and override is an essential one.

Finding security gaps and protecting industrial plants

By identifying weaknesses and taking appropriate measures, the stability and reliability of industrial and critical infrastructures is maintained.

On behalf of society

Many OT systems form the backbone of our society. We are proud to help bring them up to an appropriate security standard.

Steps in a OT Security Health Check

Workshop and Interviews

Analysis of the OT architecture, review of existing documentation, identification of vulnerabiliteis in business and management processes, determining individual security objectives as well as risk acceptance

On-Site Inspection

Gain an understanding of your custom production processes, create a hacker’s perspective of your company, security assessment of existing physical interfaces, firewalls and remote maintenance procedures

Technical Security Assessment

Testing the production network for vulnerabilities, including penetration tests for individual systems, security analysis of network transitions and data exchange points between business IT and OT

Risk Modelling

Assessment of all critical production processes, as well as their related production systems and vulnerabilities, calculation of potential damages resulting from compromising or failure of production systems, creating attacker models and evaluating the attack complexity and occurrence probabilities, analysis of cumulative risk for the entire production

Measures and Solutions

Development and prioritisation of short-term and long-term remediation measures, both on a technical and procedural level, support in the development of a holistic security concept

Security Assessment Types

OT Penetration Test

An OT Penetration Test evaluates the effectiveness of an OT system’s security controls and identifies vulnerabilities. In doing so, these weaknesses and associated risks can, on the one hand, impact a system through the environment in which it resides. On the other hand, new risks can also be created by the system on the respective environment. During the analysis, the solution can be analyzed from different perspectives in a network, and different authorizations on the system can also be taken into account.

OT Penetration Test

IT - OT Transition Security Assessment

The audit of IT/OT transitions or transitions of zones with different protection requirements identifies vulnerabilities that jeopardize the secure operation of the plant or systems with higher protection requirements. In particular, the effectiveness and adequacy of security controls for segmentation are analyzed, unwanted network links are searched for, and vulnerabilities in exposed services are identified.

Icon IoT

FAT and SAT

Cybersecurity Acceptance Testing (CAT) as part of Factory Acceptance Testing is a way to assess the security of solutions at an early stage in the acquisition process. In this process, the security measures are checked against generally accepted rules of technology as well as specific requirements of the customer and any deficiencies are identified.

Security testing during site acceptance testing ensures that the security mechanisms are as effective as expected, even after the solution has been integrated.

Threat and risk analysis

Threats and risks to a system, component or product are analyzed in workshops. The benefit is independent of whether the client is a manufacturer, integrator or operator. For all of them it is a possibility to determine the necessity of security measures already in a planning phase and thus to provide for security in a cost-efficient way.

Icon Evaluation