Service

OT cyber security services

OT cyber security services

Risk assessments
Development of a security program
Incident response workshops

Cyber-attacks are real – how compliant is your business?

Cyber threats are increasing and constantly evolving
Organisations must protect against these threats to avoid becoming inoperable
Identifying vulnerabilities enables you to formulate an effective defence and mitigation strategy
Threat actors can exploit vulnerabilities within your organisation's infrastructure and cause severe damage to operations, business integrity, reputation and lead to significant financial damage

Mitsubishi Electric offers a risk assessment methodology that aligns with IEC62443 international standards and government regulations

The risk assessment provides:

An understanding of the operational technology (OT) landscape, security zones and identification and classification of current inherent risk
Definition of risk treatment and target levels using MITRE ATT&CK framework mitigations HSE OG0086 Appendix 5 IEC62443-3-3 Annex B

The OT cyber security risk assessment:

Phase one – OT site survey

Discovery of site infrastructure
Industrial automation control system (IACS) asset inventory
Creation of the simple network diagram (SND)

Phase two – OT cyber security risk assessment

Identify and classify security zones
Identify vulnerabilities and threats
Measure inherent, current and residual risk
Define target level and recommend risk treatment

It is our recommendation that following delivery of the risk assessment we would work with you to develop a managed security program which is a key governance component and defines a strategic approach to managing your organisation’s cyber security regime.

Contact us today

If you would like to understand your OT cyber security risk, please contact us today: automation.serviceteam@meuk.mee.com
Or Telephone 01707 288780 (option 4).

Your critical assets are under threat of cyber-attacks. Find out how you can reduce your risk.

Having a formally managed security program is a key governance component
Formalised processes help you protect your critical assets by reducing cyber risk
The security program always aligns to the latest updates to IEC62443-2-1 and HSE OG-0086
The security program helps you to meet your governance, risk and compliance (GRC) obligations

Mitsubishi Electric offers a security program, tailored to your organisation’s needs and goals

The security program delivers a strategic approach to managing cyber security using well defined cyber security practices, aligned to global cyber security frameworks, international standards, regional and corporate policies.

Developing a managed security program gives you the peace of mind that you have an effective system in place to manage cyber security risk now and in the future

The security program elements:

SPE 1 - Organisational security measures

SPE 2 - Configuration management

SPE 3 - Network and communications security

SPE 4 - Component security

SPE 5 – Protection of data

SPE 6 - User access control

SPE 7 - Event and incident management

SPE 8 - System integrity and availability

Pre-requisite
An OT cyber security risk assessment must have been carried out

Read more above?
It is our recommendation that following the creation of your security program, we work with you and plan to deliver recommended improvement activities that match your new cyber security policies and standards, based on your key priorities

Contact us today

If you would like to develop an OT cyber program as part of your governance and compliance strategy, please contact us today: automation.serviceteam@meuk.mee.com
Or Telephone 01707 288780 (option 4).

Is your business ready to respond to a cyber attack? Find out how to build effective defence strategies.

It is critically important to test and validate your organisation’s readiness to respond to an industrial automation control system (IACS) cyber incident
A developed incident response process and security program can identify weak points and enable proactive defense to address these threat
Cyber related attacks and threats are on the increase with the Health & Safety Executive (HSE) and the National Cyber Security Centre (NCSC) now mandating that organisations must have an incident response plan, tested and in place

Mitsubishi Electric offersIACS incident response workshops which cover incident response scenarios designed to test what would be needed if a cyber attack occurs and covers IACS defence capabilities, safety processes and cyber readiness., enabling you to develop an incident response plan in line with the internationally recognised best practice guideline NIST 800-61

Benefits to your organisation:

Validated incident response readiness
Improved awareness of IACS equipment adversary capabilities
Improved detections, actions and plans

The workshop process

An incident response and handling process detects, analyses and responds to cyber security incidents and threats

The NIST 800-61 incident handling guide is used and is internationally recognised as best practice for determining the incident response phases

The workshop will review:

Preparation
Detection and analysis
Containment
Eradication
Recovery and post incident

Workshop output:

Post incident review of reports generated during the workshop

Actionable improvements and recommendations in line with NIST 800-61
Development of best practice and credibility
Prioritisation of actions using the priority fix rating methodology
Ensures all actions are suitable, achievable and measurable

Contact us today

If you would like to understand how to respond to a cyber security incident and develop an incident response process, please contact us today: automation.serviceteam@meuk.mee.com
Or Telephone 01707 288780 (option 4).

Contact us
- Technical Support
- Contact us
Newsletter
Service
- Support
- Shop
Downloads