Cyber-security risk management
The cyber-threat to industrial automation and control systems is very real, as demonstrated by high profile attacks in recent years such as Stuxnet, Industroyer and Triton. Effective cyber-security for operational technology (OT) systems is delivered by a blend of:
- Cyber-security defensive measures covering the system lifecycle, from design to operations and the subsequent decommissioning of the systems and individual components.
- Cyber-risk assessments of the systems to establish any additional security measures required to protect them from cyber-threats.
- The integration of cyber-security alongside physical and procedural security measures within the context of overall security.
- Cyber-security vulnerability assessment and penetration testing of the installed systems.
Our security risk management services
Identifying, analysing, evaluating and treating the risks associated with facilities, operations and equipment to acceptable levels.
- Security vulnerability assessment
- Vital area assessment
- Crown jewel assessment
- Governance and process consultancy
- Security governance and process consultancy
- ISO27001 gap analysis
- NCSC/HMG GSC gap anaylsis
- Maturity assessment
- Virtual information security management (CISO/ISM)
- Secure classified information facility creation
- Cyber HAZOP risk assessment
- Cyber LOPA risk assessment
- Gap and compliance analysis to a wide variety of UK and international standards (IEC62443, IoTSAF, OG-0086)
- IoT risk assessment
- Design assessment and analysis
- ICS/OT security governance and process consultancy
- Impartial, independent advice and consultancy
- Tailored approach to suit individual client’s objectives, operational requirements and planning timescales
- Reactive support, assisting clients with engineering challenges
- Focused on deliverables
- Driven by quality of output
- Collaborative approach, working with both customers and supplier partnerships
- Consistently high scores in customer satisfaction surveys
- High levels of repeat business
“We focus on identifying and assessing potential vulnerabilities in industrial automation and control systems from cyber-threats, and proposing effective mitigation measures.”
Check out our latest webinar on a new methodology developed by Risktec. Designed to be familiar to system engineers with experience of HAZOP assessments, this novel ‘CyHAZOP’ risk assessment process provides a scalable approach to identifying cyber-risks.
“Effective cyber HAZOP and LOPA activities can be a time and cost-effective way to assess cyber risk, and are familiar to the industrial sectors”.