SecuriOT Risk Assessment Tool
Make your OT-risks tangible and measurable with the SecuriOT Risk Assessment Tool
The number of cyber-related attacks against OT-infrastructure is increasing, and many companies are aware of how downtime in production is likely to have detrimental effects to a corporation’s revenue, reliability of delivery, and revenue.
Many of our utility companies are simultaneously required to have a cyber security strategy, which follows a given security standard, for instance: ISO27000, NIST Cyber Security Framework or IEC62443.
One of the most vital disciplines within OT-security is to have the company’s security profile and tolerances defined, as well as identifying threats and risks facing the company.
Making these threats and risks tangible is a difficult task.
The questions are many:
- Which threat scenarios are we facing?
- What are the consequences, and what are the odds of them being realized?
- Which proceedings should be set in motion to mitigate these risks?
- How should we prioritize initiatives against these risks?
- What is the “Return On Investment” of mitigating these risks?
SecuriOT can help you with concrete answers to these questions and many others.
SecuriOT Risk Assessment Tool: a customized tool for making your OT-risks tangible.
SecuriOT has developed The SecuriOT Risk Assessment Tool which is based on several years of experience with completion of OT-risk assessments and in-depth acquittance to the requirements that companies must respond to. This Risk Assessment Tool works, among others, with terms and concepts like “OT Cyber Security Framework” which prescribes the following:
- Definitions of conduits and zones included in the analysis
- Recommendations for mitigating newfound risks which are given on foundation of the “7 Foundational Requirements” and the appurtenant “Security Requirements” and “Security Levels”, which are continual for IEC62443 standards and technical documents.
- Recommendations for daily procedures and work instruction that are to be rooted in an actual “Cyber Security Management Program.”
Why use The SecuriOT Risk Assessment Tool?
Here are the advantages of utilizing The SecuriOT Risk Assessment Tool:
- A flexible tool that is adaptable to your company’s wishes in explanations of concrete threat scenarios, description of risks and consequences, reporting, etc.
- Access to integrated threat scenarios which makes it easier to get started.
- Access to an advanced calculation of “likelihood”, who makes likelihood and calculation more valid.
- Suggestions for management of found risks – made in consideration to technical aspects (IEC5443 3-3) and contemporary policies and procedures (IEC 62433 2-1).
- Input for risk descriptions and prioritization of these.
- “Return On Investment” calculations of whether investment in mitigating your security threats are warranted given the consequences and likelihood of their occurrence.
- Project process in the approved initiatives for mitigation of the found risks.