ICS Security Assessment

Cyber Security Analysis of the Plants
Contact us
Discover more

Industrial Cyber Security » End User » ICS Security Assessment

Industrial Cyber Security » End User »
ICS Security Assessment

H-ON Consulting - Pittogramma
Contact us
The IEC 62443 standard states that the security of a plant is based on analysis of the organization and vulnerabilities.

Request an analysis of the Cyber Security of the plants optimizing time and results

The Cyber Security managers of large manufacturing companies must be able to act while always having an up-to-date picture of the level of security of the plant.

Our ICS Security Assessment service provides two different types of consultancy:

  • Complete Assessment. The complete safety assessment of the plant is a service that involves the support of 2 specialists at the plant for 3 days. This option includes the analysis of plant vulnerabilities based on active and/or passive scans, analysis of vulnerabilities related to social engineering, high-level risk analysis, analysis of governance and organization and an assessment of the health status of the network in qualitative and quantitative terms.
  • Basic Assessment. The basic safety assessment of the plant involves the presence of one of our technicians at the plant for 3 days. This option only covers the assessment of plant vulnerabilities based on active and/or passive scans, the analysis of any security issues and an assessment of the health status of the network in qualitative and quantitative terms.

The Basic Assessment is a valid tool for initial analysis, after which it is advisable to plan subsequent analyses.

FAQ

The most common and most perceivable consequences for a company struck by a cyber attack are related, for instance, to business continuity due to interrupted production after stopping the attacked systems. Threats can also entail altering or inhibiting safety functions on machinery and systems; for example, when automation is implemented by safety PLCs connected online. There is also the environmental risk, where dangerous emissions from systems under attack can cause, similarly to business continuity or safety of machinery issues, serious damage financially and to the company’s reputation.

The legislative references in the IEC 62443 standard directed at OT device users are found in IEC 62443-2-1 and IEC 62443-2-4 regarding maintenance requirements of systems in conformity with the standard by introducing cyber security policies and procedures.

The “insurance” investment of prevention represents a minimum cost when compared with the potential cost to repair a cyber attack (disaster recovery), for example in the case of ransoms (typically in Bitcoin and often equivalent to millions of euros), but also the cost to make up for downtime or to repair hacked facilities.

Related Services

h-on consulting - Related Service

Recommended Posts

IEC 62443 industrial cyber security
The IEC 62443 Standard, the international reference for Industrial Cyber Security

Considering the impact of Industry 4.0 on Industrial Cyber Security, the only way to apply […]

 Read more
Cyber Security Risk Assessment High Level
High Level Risk Assessment according to Industrial Cyber Security standards

The High Level Risk Assessment is the starting point of an Industrial Cyber Security Risk […]

 Read more
low level risk assessment iec 62443
Low Level Risk Assessment according to Industrial Cyber Security standards

The Low Level Risk Assessment is the analysis following the High Level Risk Assessment, in […]

 Read more

Follow us on

LinkedIN
Youtube
Newsletter

Why Choose us

  • Experience in the OT Cyber Security field since 2014
  • In-house OT Cyber Security laboratory
  • In-house IEC 62443/ISA 99-certified personnel (Fundamentals Specialist and Cyber Security Risk Assessment Specialist)
  • Automation and OT network specialists
  • Wide network of collaborations with the main international OT solution suppliers

For more information about this service or to request a quote

Contact us