The IEC 62443 standard states that the security of a plant also passes through management of suppliers in accordance with the OT Cyber Security standards.
Discover our consulting options for the management of OT Cyber Security
The Cyber Security Managers of large manufacturing companies must be able to prepare a work plan to increase the general security of the plants in use.
Our support consists of modular consultancy to ensure that the goal is achieved through:
- General support for the plant (consulting contract hours/month). One of our specialists prepares and implements the Security plan together with the people responsible for the plant.
- Assistance with suppliers. The selection of suppliers is an essential part of the process of implementation of new projects. The external support of one of our specialists allows end users to more easily determine the cybersecurity specifications to be requested from suppliers, review the technical documentation, and monitor and manage suppliers until completion of the order.
The activities of general support and assistance with suppliers, if aggregated, constitute comprehensive consultancy; they can be agreed separately on request.
The most common and most perceivable consequences for a company struck by a cyber attack are related, for instance, to business continuity due to interrupted production after stopping the attacked systems. Threats can also entail altering or inhibiting safety functions on machinery and systems; for example, when automation is implemented by safety PLCs connected online. There is also the environmental risk, where dangerous emissions from systems under attack can cause, similarly to business continuity or safety of machinery issues, serious damage financially and to the company’s reputation.
The legislative references in the IEC 62443 standard directed at OT device users are found in IEC 62443-2-1 and IEC 62443-2-4 regarding maintenance requirements of systems in conformity with the standard by introducing cyber security policies and procedures.
The “insurance” investment of prevention represents a minimum cost when compared with the potential cost to repair a cyber attack (disaster recovery), for example in the case of ransoms (typically in Bitcoin and often equivalent to millions of euros), but also the cost to make up for downtime or to repair hacked facilities.
Why Choose us
- We have gained experience in the OT Cyber Security field since 2014
- We test every solutions thanks to our in-house OT Cyber Security laboratory
- Our specialists are IEC 62443/ISA 99-certified personnel (Fundamentals Specialist and Cyber Security Risk Assessment Specialist)
- Automation and OT Network Security are some of our most performing competences
- We have bulit a wide network of partnerships with the main international OT solution suppliers
- Our BYHON internal division is the ISASecure® accredited certification body
What some of our customers say about us
"Their flexible and innovative approach to Cyber Security Risk Assessment had been the key for the success of our conformity project according to IEC 62443 standards."
"We recommend H-ON Consulting because they are a firm that shares inspiring values, such as continuous professional growth and innovation seeking."
"The collaboration was a very successful experience for both companies."
"We highly recommend H-ON Consulting service for their expert industrial knowledge concerning machines, process, digital data."
"The biggest benefit our company received working with H-ON Consulting was a combination of on-going flexibility and most of all speed of delivery."
Sirio Sistemi Elettronici