Method Functional Safety
support@methodcysec.com

What happens when you connect OT to IT Corporate Networks?

What happens when you connect OT to IT Corporate Networks?

Organisations are connecting Operational Technology (ICS / IACS / Scada, PLCs, DCS) to corporate networks for good business reasons but this can expose legacy technologies to malicious attack from the internet.

Regulators are now taking a close interest in how those risks are being managed.

Cyber security standards for IT are unsuitable for OT environments, for example having insufficient treatment of safety aspects. Standards for OT are emerging, such as the international IEC-62443 family and within the UK the HSE’s OG-86 guidance to its inspectors, which is based on the NCSC’s Cyber Assessment Framework. Also, regulatory requirements for providers of critical services came into force in 2018 with the NIS Directive.

Method Cyber Security has been working with its clients and with those developing standards in this quickly changing and maturing topic. =Method offers a range of tried and tested services that provide clients with sufficient knowledge and understanding to manage the cyber security of their OT systems, to meet regulatory and business needs.

Cyber Security Management Briefing

Cyber security of OT can appear daunting and confusing. Method Cyber Security can provide clients with focused, tailored and succinct senior-level workshop-based briefings to explore with busy senior executives the impact of cyber security threats and risks to their business. A key message from the emerging regulations and standards is that organisations are now expected to understand and manage the cyber security risks of their OT systems.

Cyber Security Audit

The Method Cyber Security Audit is an inspection of a client’s approach to IACS / OT security. Mainly based on the requirements of OG86, it simulates the kind of inspection that an HSE Specialist Inspector would carry out and highlights key areas for improvement. The focus and depth of the audit is tailored according to the maturity of the client’s cyber security management system.

Cyber Security Risk Assessment

The Method Cyber Security Assessment is in-depth assessment of the cyber security risks to a client’s OT. It supports the client in selecting the appropriate combination of technical and non-technical risk-reducing controls, for later implementation by the client within its cyber security management system.

Cyber Security Consultancy

Method Cyber Security Consultancy is always customised to the client’s needs. For example, some have asked for specific guidance and support to develop the cyber security policy documents that HSE will expect to see. Other clients have sought advice on producing a Simple Network Diagram that documents and explains their defensive architecture – another key artefact for an HSE inspection.

Cyber Security training

=Method also runs a Cyber Security Risk Management training course that align with the briefing, audit and assessment described above.

 


Title: What happens when you connect OT to IT Corporate Networks?
Date: 2019-02-08
Published by: Method Cyber Security



[More Cyber Security news]


Free Seminar: Cyber Security Risk Management – The Fundamentals

The threat landscape is continually evolving and system complexity and inter-connectedness is increasing – so what should you do?

16.07.2024

Free Seminar: Don't buy OT Cyber Security vulnerabilities

Method Cyber Security will be discussing Supply Chain Risks at the FREE CPD Seminar in April.

28.03.2024

IChemE approved OT Cyber Security training course

The =Method Cyber Security Risk Management training course is approved by the IChemE.

15.05.2023

NEW Live Online Introduction to OT Cyber Security Training Course

=Method has introduced a new 1-day Introduction to OT Cyber Security Training course.

12.07.2022

If a system isn't Cybersecure, you can't rely on it to be safe

Throughout the operational life of a process plant controls and safety systems are designed and implemented to perform reliably, consistently and predictably but if a system isn't secure, you can't rely on it to be safe.

30.03.2022

NIST Cybersecurity Framework

​The National Institute of Standards and Technology is a US governmental institution (part of the US Department of Commerce). The NIST Cybersecurity Framework was initially published in 2014 (v1.0) and updated in 2018 (v1.1, current).

24.06.2021

If it is not (cyber) secure, it is not safe - Mike StJohn-Green, CEng FIET, Technical Director, Method Cyber Security

The first reported cyber-attack on a Safety Integrated System demonstrates that systems important to safety need cyber security measures to avoid their safety arguments being invalidated. But there is a broader justification: cyber security risks arise as a direct result of the nature of networked digital technology, which renders existing safety analysis inadequate to mitigate those risks.

26.06.2019

OT and IT Cyber Security combined training discount

Method is encouraging IT and OT Cyber Security teams to develop a common understanding of Cyber Security issues.

12.04.2019

If It Is Not (Cyber) Secure, It Is Not Safe

Mike StJohn-Green and Dil Wetherill are presenting a paper on Cyber Security at Hazards 29.

04.04.2019

What is the relationship between IT and OT Cyber Security?

The effective management of Cyber Security for Industrial Control systems requires cooperation between an organisations IT and OT functions.

13.03.2019


E: support@methodcysec.com. T: 44 (0)1462 713313. W: www.methodcysec.com

LinkedinMethod Functional Safety member of InstMC

Functional Safety + Process Safety + Cyber Security + Compliance Assessment + Competency Register + Software Solutions = Method Safety and Security

Address: Method Cyber Security Ltd. Method House, Davis Crescent, Hitchin, SG5 3RB
Phone: +44 (0)1462 713313 Email: support@methodcysec.com Website:

Terms and Conditions | Privacy Policy. Registered In England 08453480. VAT No. GB 96 3453 69. Site © Copyright Method Cyber SecurityLtd 2024