OT Cyber Security
Cyber Security Lifecycle – Assessments
The starting point in any organisation’s cyber security journey is to understand their systems and technologies and identify the gaps in their cyber security posture.
NeoDyne works closely with our customers to aid their understanding of their systems, through tailored assessment programs including:
- Cyber Security Risk Assessments for new and existing OT systems.
- Cyber Security Audits against the IEC-62443 standards in conjunction with our vendor partners.
- Evaluation of existing Industrial OT Cyber Security policies and procedures.
- Development of Reference Architectures and Zone & Conduit Diagrams.
The outputs from the assessment programs ensure the customer is acutely aware of the gaps in their cyber security posture and compliance, and provide a sound basis for the design of effective cyber security controls.
As ISA certified IEC-62443 IC33 Cyber Security Assessment Specialists, we have an in-depth understanding of the security challenges facing your organisation and have the expertise and capability to help you manage all identified potential security threats.
Cyber Security Lifecycle – Design and Implement
On completion of the assessment phase of the cyber security journey, the organisation must address the gaps in their cyber security posture and compliance.
NeoDyne specialises in designing solutions to address the identified gaps, in line with the requirements set out in the IEC-62443 standards.
Our solutions include:
- Defense-in-Depth, multi-layer protection for OT systems,
- User identification & authentication,
- Network segmentation,
- Secure remote access to OT systems,
- Guidance on Implementing a Cyber-Security Management Strategy for OT Systems, and
- Planning and Implementation of Full Cyber-Security Management Systems.
Additionally, NeoDyne can implement and deliver these designs as turnkey solutions through collaborations with our trusted technology partners.
As ISA certified IEC-62443 IC34 Cyber Security Design Specialists, our experience and wealth of knowledge provide our customers with reliable and trustworthy solutions for all their OT cyber security needs. We pride ourselves on providing cost-effective and perfectly tailored solutions that take into account your wider business needs.
NIS Directive
The EU Network and Information Systems (NIS) directive, brought into force on 8th August 2016, aims to achieve a common level of network and information systems security across the European Union by:
- Improving national cyber security capabilities,
- Increasing cooperation between EU member states, and
- Requiring “operators of essential services and digital service providers” to implement “appropriate and proportionate” security measures and notify the relevant national authorities of serious incidents.
The NIS Directive currently applies to designated Operators of Essential Services (OES) across the EU, resulting in increased overhead and challenges as these organisations work towards compliance.
NeoDyne can help your organisation implement and maintain an OT cyber security program to ensure the security and continuity of your systems in line with the NIS directive, based on international standards. We can deliver a complete solution for NIS directive compliance and provide services for the full cyber security lifecycle.
Cyber Security Lifecycle
Cyber Security – International Standards
IEC-62443 is a set of standards, recommended practices, and technical reports that define procedures for implementing electronically secure manufacturing and control systems. The standards also provide guidance on security practices and assessing electronic security performance.
NeoDyne is an IEC-62443 IC33 Cyber Security Assessment Specialist and an IEC-62443 IC34 Cyber Security Design Specialist and uses these standards to address and mitigate current and future security vulnerabilities at our customer sites and as a benchmark for industry best practice in cyber security.
We also have experience with other relevant standards, including:
- ISO/IEC 27001
- NIST Cyber Security Framework
- NERC
