In an industrial environment, cyber risks can no longer be ignored. If you could use support in finding suitable solutions, then the Cyber Resilience team is your partner. KH Engineering’s Cyber Resilience team is your help in mitigating cyber risks.
We can also advise you on legal requirements such as the new NIS 2.0 (EU) and WIB (NL).
Ewald Coenraad | Consultant OT cyber security
WHO WE ARE
The integrity of industrial control systems faces an increasing threat. This is driven by increased connectivity and newly embraced technologies such as Industrial Internet of Things (IIoT) used to improve business performance. The continuously increasing level of advanced technologies is being used by various threat actors (hackers). This has been demonstrated during cyber incidents in recent years, with industrial OT networks and equipment becoming prime targets for cyber attacks. Industry trends show that cyber attacks are becoming more serious and frequent. KH Engineering’s Cyber Resilience team is on standby to help clients with these kinds of issues.
The Cyber Resilience team consists of qualified OT cyber security consultants with extensive hands-on experience in industrial automation, supported by Industrial Automation and Control Systems (IACS) experts. To safeguard your business operations and corporate values, we follow the highest standards in cyber security, safety, data security and ethics. To achieve the best results, our services are tailored to your purpose and we believe in working together as partners.
SUPPORT FOR INDUSTRIAL PROJECTS
Our OT cyber security experts can provide you with consulting services to enhance your cyber resilience. It includes both brownfield and greenfield support. Together with IACS / Supervisory Control And Data Acquisition Software (SCADA) process control engineers, the Industrial Automation and Process Control System can be designed with cyber security in mind.
INDEPENDENT CONSULTANCY SERVICES
Cyber resilience is a complex issue and requires professional and highly trained personnel. Our OT cyber security experts can provide you with consulting services to enhance your cyber resilience. Our services cover a wide range of aspects, such as establishing a cyber security management system, policies and procedures, compliance with standards and regulations, and inspecting OT network designs. These services are supported by a large group of IACS/SCADA process control engineers with extensive knowledge and experience in OT design and implementation.
Our activities include the following support:
- Advising on the EU NIS directive and local regulations
- Assisting in the implementation of a cyber security management system (CSMS) according to industry standards such as IEC62443 and NIST-800-82
- Performing a vulnerability assessment of industrial networks using advanced technology
- Advising on risk management and mitigations
- Performing ‘healthy checks’ and controls audits
- Assessing and improving the cyber resilience of your IACS architecture design
- Ensuring that your IIoT is securely implemented
OUR CONSULTANCY SERVICES
OT NETWORK SAFETY SCANS
Gain insight into all assets and connections in your OT network. Outdated software, firmware and equipment, unsecured remote connections and improperly configured firewalls are used by hackers to conduct cyber attacks. People are often unaware of hidden (internet) connection paths to their Industrial Automation and Control System (IACS) that can serve as secret backdoors for hackers.
A risk assessment of the IACS and its subsystems gives you the confirmation that your defence mechanisms are effective. First, based on your operations and production process, we consider the attack surface and determine the level of required security. Subsequently, we consider the IACS and assess your measures for current and emerging threats. You will learn whether your current cyber security level is sufficient and what measures need to be adapted to mitigate the risk.
IACS DESIGN AND ASSESSMENT
To achieve a high resilience against a cyber attack, the IT/OT system architecture should be designed with a focus on cyber security. High-value and security-critical production systems must be secured with appropriate measures. We will define the security requirements for the system design, assessing existing designs and challenging vendor designs to meet the required standard. We will help you with the FAT (Factory Acceptance Test) and SAT (Site Acceptance Test) and supervise the implementation of the requirements in your IACS.
We conduct assessments in accordance with IEC-62443 for industrial control systems. The compliance report provides insight into the current maturity of measures such as roles and responsibilities, OT network design and security, OT security management and OT security operations and procedures. We then advise you on how to close the gap between the current and desired situation.