The deviation from the standard should be marked as a gap, and it should be closed out by incorporating several security controls. Any critical finding during the ICS OT Cyber Security Maturity Assessment should be documented, the closeout action should be strategized, with a proper timeline of targeted achievement, being stewarded in a timely manner, and re-assess to ensure the compliance level and to ensure the continuous improvement
ICS OT Cyber Security Audit and Assessment
Periodic ICS OT Cyber Security Maturity Assessment is required to ensure the compliance and continuous improvement of the system, with the reference to the governing standard (industrial, national, or company standard). Vulnerability Assessment and Penetration Testing as the additional activities conveyed based on the recommendation from this phase, the ICS OT Cyber Security Maturity Assessment
ICS OT Cyber Security Compliance
-
Comprehensive ICS OT Cyber Security Assessment
The Maturity Assessment methodology, which is a Non-Intrusive Assessment method, is being used to get the big picture as well as the detailed security posture of the assessed ICS OT object. The compliance checklists adhere to certain standards combined with the architectural review, physical security audit, exploring the practices, interviewing key persons, and some other assessment approach to provide a thorough assessment process that can reflect the actual ICS OT Cyber Security profile
-
Gaining the Advantage from the Maturity Assessment
The ICS OT Cyber Security Maturity Assessment is a crucial step that should be performed in order to have a thorough understanding and deep profiling of the ICS OT Cyber Security posture against the assessed environment
Get Assessed Now
Full coverage from logical to physical access assessment, network perimeter, up to data access protection, backup and restore policy and practice, update attitude and practice, defence-in-depth from various points of view, and more checklists to be elaborated and assessed through this integrated ICS OT Cyber Security Maturity Assessment project
By referencing well-known Industrial Standards in Cyber Security and ICS OT Cyber Security such as NIST SP 800-82, ISA/IEC 62443, ISO 27001, NIST CSF or by using certain National ICS OT Cyber Security requirements or very specific requirements from company standards to bring the thorough and detailed ICS OT Cyber Security Maturity Assessment. The final deliverable is to provide a robust result that depicts the actual ICS OT Cyber Security posture including recommended controls actions and strategies
By referencing well-known Industrial Standards in Cyber Security and ICS OT Cyber Security such as NIST SP 800-82, ISA/IEC 62443, ISO 27001, NIST CSF or by using certain National ICS OT Cyber Security requirements or very specific requirements from company standards to bring the thorough and detailed ICS OT Cyber Security Maturity Assessment. The final deliverable is to provide a robust result that depicts the actual ICS OT Cyber Security posture including recommended controls actions and strategies
The final deliverable is the Final Report consisting of the executive summary, network architectural drawing of an assessed object, dashboard of compliance level against certain standards, the topmost priority items, detailed item & finding with complete explanation & finding evidence, Risk Register, and conclusion. The recommendation and strategic follow-up up also part of this deliverable, as all of it will be the baseline for the next execution of ICS OT Cyber Security assurance activities
Vulnerability Assessment (VA) is the recommended next sub-phase of the ICS OT Cyber Security Audit and Assessment to explore deeper using Intrusive Assessment methodology against selected systems/devices as per the result from the ICS OT Cyber Security Maturity Assessment. Safety assurance is the ultimate baseline to be complied with in any activities introducing such Intrusive Assessment methodology. The Detailed recommendation to perform certain VA activities is based on the ICS OT Cyber Security Maturity Assessment sub-phase
Penetration Testing (PT) is the recommended next sub-phase of the ICS OT Cyber Security Audit and Assessment to verify and validate certain listed vulnerabilities as per the result from the Vulnerability Assessment (VA) phase by using certain exploits and/or other approaches. Safety assurance is the ultimate baseline to be complied with in any activities introducing such Intrusive Assessment methodology. All Risk Register will be incorporated to include the selected results from several phases, including this sub-phase (PT). The recommendation to perform any kind of PT activities is based on VA sub-phase.
More Consultation
ICS OT Cyber Security Assessment is one of our core competencies – Contact us for more information and consultation. Sharing session will be another option for those who have the willingness to know more regarding ICS OT Cyber Security, to strengthen the decision to move forward on ICS OT Cyber Security Assurance milestones