In the modern age, it is imperative that organisations relying on Operational Technology (OT) to monitor and control industrial processes should maintain an awareness of their current Industrial Control Systems (ICS) security situation. Every business aims for 100% uptime from industrial systems, regardless of the sector or industry. While this may never in fact be possible, there are prudent measures to ensure maximum possible uptime is achieved, such as preventative maintenance, planning responses to failures, carrying spares and so on. In addition, this need now stretches into the first level, and possibly beyond, Supply Chain.
Due to the increasing use of Commercial off-the-shelf (COTS) technology originally intended for IT use, coupled with the increased connectivity of industrial systems to aid fault diagnosis and repair, there is an increased level of risk due to threats exploiting common vulnerabilities to do harm. As such, a facet of any Operator/End-User’s operational risk-awareness and monitoring should now include awareness of their cyber-security situation and any gaps or vulnerabilities that might be exploited by malicious actors.
The Siker cyber diagnostic service will provide the Client with an understanding of their own current OT security situation. Siker has a standardised framework to assess the Client’s situation and enable reporting in a simple traffic light format at high-level for use by Senior Leaders, with detailed supporting information for use by Operations or Engineering leaders.
Following the assessment, Siker can also provide a suggested roadmap for the Client to follow to improve their security posture. This maps to the assessment report to allow the Client to track progress and demonstrate progress to Senior Leaders and other stakeholders such as Regulators and Competent Authorities. The report can also be used by Siker to prepare a document suitable to submit to national Competent Authorities to meet the Cyber Assessment Framework (CAF) reporting requirements.
Siker also has a standardised risk-assessment process to allow formalised assessment of risk-levels across the levels of the System under Control (SuC) covering the entire SuC, specific sub-systems or individual ICS. This may be used to assist with definition and design of risk-mitigation control measures or to validate an existing set of control measures achieve risk-levels As Low As Reasonably Practicable (ALARP) as defined by Clients own risk-appetite.
Siker can deliver these services as either personnel embedded within a Clients organisation or based on meetings and workshops but completed offsite at our own offices, as best suits Clients needs and timescales.
Find out more about Cyber Diagnostics Consultancy
Registered office and postal address
Whiteleaf Business Centre,
11 Little Balmer,
+44 (0)20 3441 7642
We have a regional office located in: Edinburgh, UK
Siker Ltd is registered in England & Wales
Company Registration Number No. 11208267