Simple evaluation of the status of your OT security
The efficient protection of grown information technology of production plants against current threats such as cyber attacks, internal manipulations or faulty configurations is an increasing demand – on people and technology. After all, these threats can result in system failures or even complete production downtimes.
Security is the goal!
To help you get closer to this goal, we have developed IRMA® OT-EVAL, an evaluation concept for the entry into Operational Technology (OT) security. Gain experience and better evaluate your production plant: away from the perceived security – towards the facts, the actual state.
This professional evaluation is achieved by using the IRMA® Security Appliance for independent recording and analysis of assets, devices and their data connections. On the basis of this up-to-date information, our network and OT security specialists work with you to assess possible threats and risks.
For which projects is this particularly useful?
- Protection against cyber risks
- You – or a company from your industry – have had an incident or are using older automation devices
- You need decision support for further investments / renewals
- You want to be certified or have to meet the requirements of ITSiG
- … or efficiently assess the risks based on the current overview of all devices and systems
Results with the IRMA® OT-EVAL package
- Immediate overview and transparency of your IT / OT devices and systems
- Visibility of anomalies during the evaluation period
- List of results and recommended measures
- Proof of the initiated security process
- Risk analysis of the highly critical findings
Your advantages when using IRMA® OT-EVAL
- Immediate availability of analysis results
- Planning of further, priority security measures on the basis of clear analysis results
- Access to OT-Security specialists who actively support you in every step of the evaluation
The route: IRMA® OT-EVAL – Procedure and details
1 | PREPARATION AND SUPERVISED INSTALLATION OF IRMA®
In advance, the optimum measuring location in the plant is identified by telephone and the steps for installation on site are discussed. Dispatch of the pre-installed Security Appliance by mail.
2 | TRANSPARENCY AND INSIGHT
Immediately visible data of the devices and systems with detailed representation of their communication and used protocols are jointly inspected directly after installation.
3 | MONITORING AND ALARMING
Continuous recording is achieved through the cognitive analysis of communications. Any abnormalities are immediately detected and alerted.
4 | EVALUATION OF THE DATA
In a joint analysis with an OT security and network specialist, the collected data is analyzed to determine what anomalies exist and what measures can be derived from them.
5 | PRESENTATION OF RESULTS
Finally, the results of the analysis and recommendations for action are presented.
6 | REPORT
Electronic report on the devices and communications found and the result of the initial risk assessment.
7 | PROOF OF THE SECURITY PROCESS
You can choose whether the risk analysis reports should be continued according to ISO27005 or, for example, according to B3S Water/Wastewater..
Security evaluation and risk minimization as savings potential for the company
It is the start of the security management process. Passive monitoring enables the data to be recorded quickly and without feedback. All information is available for risk analysis and further documentation with little effort. Immediate improvements in availability and reassessments of risk provisions are possible.
· Status evaluation of OT security within 30 days
· Support by OT-Security specialists for 8 hours during the whole period
· On-site use of the IRMA® security appliance
· Optional: Risk analysis according to ISO 27005
A professional evaluation of the status of your OT Security is just the right thing for you? Then you are welcome to contact us.