Cyber security for IT and OT environments

How the risk analysis works
We follow recognised frameworks - ISO/IEC 27005, NIST SP 800-30 and IEC 62443. A semi-quantitative model R = P × D (probability × impact) places every risk into severity classes A to D and sets the remediation order.
We map assets, threats and vulnerabilities across both IT and OT.
- Asset inventory and classification
- Threat identification (intentional, accidental, environmental)
- Technical and process vulnerabilities
We rate each scenario by its impact and likelihood of occurrence.
- R = P × D model on a semi-quantitative scale
- Classification into severity classes A / B / C / D
- Prioritisation by real risk level
We propose measures with deadlines, owners and priorities.
- Concrete recommendations for every risk
- A phased implementation plan
- Documentation for compliance and audit
Areas of security measures
Separation of IT and OT networks, segmentation into security zones and controlled crossings between zones per the Purdue model (IEC 62443).
Secure configuration of all IT and OT components in line with vendor recommendations and good practice.
Policies for third-party remote access, time limits, logging and session review.
Centralised log collection (SIEM), anomaly detection and alerting for both IT and OT zones.
Least privilege, central IAM, access audits and privileged access management (PAM/PIM).
Regular scanning, CVSS-based assessment and controlled patching, including OT components.
Moving from Excel to a GRC/ISMS with risk-lifecycle support, workflow and auditability.
Central asset register and classification (CMDB) with links to risks, threats and measures.
Server-room protection, temperature / humidity / smoke monitoring, UPS testing and fire-system reviews.
A security training programme: onboarding and periodic training, phishing campaigns and readiness assessment.
Policies and directives: security strategy, access, incident management, asset classification, BCP/DRP.
Specialised for industrial (OT) environments
Production plants play by different rules than office IT. We understand the protocols and risks of PLCs, HMIs and SCADA - and protect them without jeopardising production availability.
Threat detection right inside the industrial network.
- A sensor supporting Siemens S7comm, Modbus and more
- Automatic OT asset inventory
- No disruption to production lines
No direct connections to PLCs - everything through a controlled point.
- Jump Host / Bastion with session recording
- Zero Trust access for a limited time
- MFA and a full audit trail (PAM/PIM)
Separating production from the internet and office IT.
- Segmentation per the Purdue model (IEC 62443)
- A dedicated OT firewall and DMZ
- Managed changes and regular rule reviews