OT Security Done Properly

 

We understand that networking for ICS, DCS and SCADA presents unique challenges and specific risks not present in most IT environments.

Lithify consultants spend a high proportion of annual consulting time working in Operational Technology environments across Europe and the Middle East. Our expertise comes from many years working with clients in such environments and, during that time, evolving security strategies which support which support their very particular needs.

Significant experience of working with leading energy providers gives us unparalleled expertise to evaluate, specify and implement solutions.

IT/OT convergence has been a focus for many years and continues to grow as a requirement. Providing a solid foundation for IT and OT remains our primary concern.

Our practical consultancy approach means that we maintain clear focus on solution delivery. We have a clear track record of efficient projects, delivered dependably to time and budget.

We specialise in:

  • Security strategy
  • Network design
  • Pragmatic Account Management
  • Troubleshooting and remediation
  • Dependable project delivery

The specifics of our solutions in this space are complex, and, due to the sensitive nature of this sector are best discussed in a closed forum. Please contact us for more details of how we may be able to help. 

 

What is OT? 

OT in network management means "Operational Technology", and refers to systems of heavy engineering running specialist appliances. 

In utilities, it could refer to turbine control and management, power distribution, water desalination controllers and waste filtering. 

In wider industry, it encompasses automated plant such as conveyor systems, signal controls or industrial machine to machine controls. 

In OT, we also use the following terms to describe various systems:

ICS: Industrial Control Systems
DCS: Distributed Control Systems
SCADA: Supervisory Control and Data Acquisition

IT/OT Convergence

OT convergence is a hot topic for all operators at the moment, and there’s a distinct drive to understand what can and can’t be achieved. Our clients have already benefited from our proven track record in this space.

Despite the undoubted desire to achieve convergence, projects are stalling because of the complex challenges raised. 

Merging IT (information technology: commercial networks, email, productivity systems, user management) with OT (operating technology networks: managing industrial appliances) is becoming a common expectation due to:

  • The need for a single, coherent policy across all parts of the enterprise
  • The need for visibility across all parts of the network: driven by both network management, and the need to comply with regulatory concerns
  • The desire for centralised access to live information
  • Perceived cost savings

 

Competing Priorities

Convergence must balance two distinct entities, with very different priorities:

Help Us with Research

 

We're working with Cambridge University on a study into the standards required by Essential Infrastructure organisations. 

Henri van Soest is a PhD researcher in Land Economy at the University of Cambridge. His thesis deals with cybersecurity issues in the electricity system.

A combination of decarbonisation, distributed generation, and digitalization has simultaneously made the electricity system more vulnerable to cyber attacks, and it has made it harder to defend the system against them.

In his thesis, Henri looks at the role of system design and standardisation in addressing cybersecurity challenges in the electricity system. The central hypothesis is that, in the absence of direct hierarchical control, a focus on design decisions can play an important role in cybersecurity protection. The thesis develops a model for documenting how design decisions are spread throughout the entire electricity system, and tests this by looking at the European policy framework for promoting cybersecurity in the electricity system. Overall, the thesis hopes to provide a clear mapping of the dynamics at play in the policy landscape regarding cybersecurity of the electricity system.

Henri is gathering information from industry professionals through a targeted questionnaire. In total, the questionnaire contains fifteen short questions, divided into five sections that represent the primary elements of the model. It takes around ten minutes to complete. The replies to the questionnaire will help in checking and fine-tuning the model, and ensuring its usefulness for practitioners.

We'd be very grateful for your assistance

 Research Questionnaire

How to Engage Us

Lithify is available for short or long term engagements, to help with a problem, to implement a specific project or as your preferred partner in IT Security. 

Contact us, book an initial (free of charge) consultation or request an urgent call back

Contact Us