Cyber Security

Overview

In a digital world, establishing the cyber threat landscape for your business is imperative. What are the assets you need to protect? Who would benefit from accessing or controlling these?

As a trusted partner, we ask the right questions to determine your organisation’s risk appetite and acceptance criteria. We’ll help you create a risk picture and pinpoint issues – from gaps in your systems to the risk posed by inexperienced personnel. We can then work with you to put in place the best plans and solutions.

Track record

Our tools and experience safeguard businesses globally, ensuring our clients are aware of potential cyber threats and resilient to them. We provide cyber security assurance and advisory services for operational technology (OT) and integrated automation and control systems (IACS) security.

Service breakdown

Gap analysis

We take a systematic approach to identifying cyber security weaknesses and will help you map your performance to a chosen standard or regulation (ISO 27001, IEC 62443 series or other). Based on this, you can decide what actions to take next.

Cyber awareness training

Cyber attacks are often aided by unknowing employees, who are either acting in good faith or without better knowledge. We’ll help train your people to reduce this common risk with a tailor-made programme.

Information security implementation, ISO 27001

We can establish a bespoke management system for your organisation that complies with ISO 27001. You can chose to align with this standard or go all the way to gain certification.

Business continuity implementation, ISO 22301

A cyber attack is a major risk to ongoing operations, and should be planned for. We can establish a tailor-made management system, compliant with ISO 22301, for your organisation.

Cyber risk assessment

IEC 62443 is the standard adopted by several industries for cyber security. It takes a risk-based approach, promoting a high-level and a detailed risk analysis. We’ll cover both sides. You’ll benefit from our experience carrying out safety risk analysis for control systems. This provides a unique platform to efficiently include cyber security factors in risk analysis.

Cyber Security Management Plan

You plan will define the steps you need to take to ensure cyber security risks are assessed to best practice and prevailing requirements. It defines actions, responsible parties, deliverables and methods to be used. We’ll help you put this plan together, either for the project phase you’re currently entering or your project’s full lifecycle, from concept to operation.

Cyber Security Requirement Specification

We help specify requirements that your project and your suppliers must meet. This includes establishing the security levels for each of the identified critical components or systems in your architecture.

Third party assessment: Industrial automation and control systems

Meet leading standards: CENELEC, ISO 27000 and IEC 62443 (assurance). For the rail sector, we offer four assurance roles: : Notified Body, Designated Body, Assessment Body and Independent Safety Assessor. We also act as a third-party assessor. Assessing security is increasingly a requirement of standards and regulations and includes both physical and cyber security.