
Industrial Cybersecurity Buyer Guide 2023v2

Uploaded by

olawest

BUYER'S GUIDE 2023

INDUSTRIAL CYBERSECURITY TECHNOLOGY, SOLUTIONS & SERVICES

The State of the Industrial Cybersecurity Market in 2023


Foreword

Once again, I am delighted to introduce the latest edition of the ‘Industrial Cybersecurity Technology, Solutions, and Services Guide.’ Now in its fifth year, our annual Guide aims to help industrial stakeholders understand the complexities of cyber solutions, make more informed decisions about their cybersecurity needs, and strengthen the security of their industrial environment. This Guide also provides an extensive overview of the cyber solutions available to prevent malicious internal and external threats alongside helping to identify and address the associated risks.

Industrial organizations often struggle with cybersecurity decisions, such as what to protect and prioritize with limited resources, generating more complex issues to manage. Fortunately, our Guide categorizes industrial cyber solutions and services, outlining the benefits of employing them, alongside providing an extensive list of vendors. This invaluable information demonstrates the wide range of cyber tools and vendors available to help secure industrial enterprises from end to end.

Industrial cybersecurity is not for the faint-hearted and requires dedication and focus beyond the regular 9-to-5. Upon regularly consulting with industrial automation and security practitioners, I am constantly amazed by the passion these professionals have for protecting their company's operational environments. Their strong sense of purpose and responsibility to build a more secure world for us all is truly admirable.

Over the past few years, we have made considerable progress in the industrial cybersecurity landscape, however, there are numerous internal and external issues that must be addressed. These include:

The Threat Landscape
Information and operational technology are becoming more intertwined within industrial enterprises globally. Consequently, they are transforming into distributed, large-scale cyber-physical systems that are increasingly complex to manage.

The impact of doomsday and blackout scenarios can be measured not only in terms of catastrophic consequences but also in terms of the physical impact and panic that they may have on the home front. The Colonial Pipeline incident had profound repercussions beyond the industry. It was perceived, whether true or not, as a potential effect on people directly at the pump, which created considerable anxiety.

Nation-State Cyber Criminals
With nation-state actors becoming more audacious in their cyber-attacks, organizations must ensure they are well-informed and have comprehensive security policies and incident response plans. However, threat groups are increasingly difficult to track, and previous attributes such as Tactics, Techniques, Procedures (TTPs), and motives are no longer valid indicators.

The Russia-Ukraine War
The war has increased criminal group collaborations and global cybercrime overall. Russian government-backed actors have used a full spectrum of cyber-attacks, and cyber-warfare will be a key part of future military conflict. Additionally, hacker groups and volunteers have conducted cyberattacks, highlighting the long-term possibility of a 'cyber-proxy war'.

A Lack of Diversity and Inclusiveness
Industrial experts are retiring, creating a severe lack of skilled new entrants for the future. Likewise, more is currently needed to bring people from all backgrounds into the field.

Market Industrial Cybersecurity Technology, Solutions & Services 2


The Elephant in the Industrial Room
Over the past 12 months, there have been plenty of ransomware attacks, such as Toyota's manufacturing plants, Dole's supply chains, UK's South Staffs Water, and Thames Water, to name a few. Ransomware attacks targeting IT networks and computers are, by far, the biggest threat to industrial enterprises.

While malware and ransomware can specifically target OT systems (Stuxnet, Havex, Industroyer2, Triton, Pipedream, CosmicEnergy and Snake etc.), IT-targeted malware that impacts industrial organizations (EKANS, LockerGoga, and BlackEnergy3, etc.) is more common.

There is a growing awareness of attacks on critical infrastructure due to the increased transparency of impacted organizations. However, many stakeholders remain unaware of the magnitude of the current situation and are unprepared to effectively manage potential threats.

Another major concern is the lack of confidence critical infrastructure providers/manufacturers have in their current defenses and protections. For example, how many incidences have we seen whereby ransomware attacks on IT systems have caused a full-blown operational shutdown ‘out of an abundance of caution’? This indicates that some company boards, management, and tech teams do not have confidence in their deployed OT defenses.

On a more positive note, global security agencies are collaborating to help critical infrastructure asset owners/operators become more aware of the potential threats and risks while offering detailed recommendations for mitigating and containing attacks.

Our Guide provides valuable pointers and indicators to help operational environments strengthen their cybersecurity stance. Industrial cybersecurity must take priority now, so gear up and get ready!

Jonathon Gordon
Directing Analyst
Takepoint Research



Market Evolution and Maturity

While the industrial sector is not homogeneous, and industrial enterprises come in all shapes, sizes, and levels of cyber maturity, the wheels are in motion. All companies should identify their operational goals and risk tolerance to create a successful strategy. This requires considering the various people, technologies, and processes involved, both within and outside the organization, which may also differ between and within industries. A diverse, multidisciplinary approach will help organizations align with various stakeholders and expectations, enabling successful deployment and secure remote access to industrial environments.

Actions to advance along the spectrum of industrial cybersecurity maturity must always be weighed against the cost and efficiency of each step and the actual risk that will be reduced.

When addressing cyber risks, companies should be proactive by accurately identifying, quantifying, and prioritizing them. Doing so will enable them to implement the most efficient solutions that provide comprehensive security for the entire industrial enterprise.

One of our recent survey reports revealed that there is a wide gap between practitioners’ levels of ‘concern’ regarding cybersecurity risks and their ‘confidence’ in the current solutions in place.

Our report further revealed that the traditional gap between departments and operating silos is narrowing, as organizations strive to implement a comprehensive, risk- and consequence-based approach to industrial cybersecurity engineering.

Market Drivers and Trends

Integration of technology
Collaboration, convergence, and alignment is rapidly proceeding, and technology (IT/OT/IIoT/Cloud/5G) is becoming increasingly interconnected to deliver stronger outcomes. The driving force is operational or cybersecurity concerns, such as combining and normalizing data from various sources in OT. IT can then use this data to produce more accurate productivity reports, conduct threat hunting, and prevent threats.

By integrating asset inventory, vulnerability data, risk scoring, and threat intelligence, SOC analysts can gain an up-to-date view of the landscape. This comprehensive approach can be further enhanced by combining a crown jewels exercise with external (OT) attack path analysis. Furthermore, similar data could be used to automate segmentation and threat prevention measures, going beyond mere granular detection.

Collaboration Between Teams and Disciplines
Stakeholders must work closely together to construct secure architectures and teams that are compatible with both legacy and new systems.

Increased awareness of available approaches will significantly contribute to addressing current and future cyber risks. Meanwhile, training programs will help employers provide greater cybersecurity to their operations and build an upskilled and reskilled workforce. Cross-disciplinary training can help transfer skills, boost efficiency, and accelerate the completion of tasks.

A holistic approach to security and operation, including individual machines/processes, lines, plants, and other ecosystems is the best way to maximize efficiency and ensure safety. This will help create an enterprise-wide, secure, and unified environment across the supply chain and its associated networks.



Mind The Gap: Talent, Skills, and Diversity

It is no secret that experienced industry professionals are aging and retiring, resulting in a loss of institutional knowledge and a shortage of qualified replacements to fill their positions. As a result, the cybersecurity skills shortage is widening.

Although training is in high demand, it remains expensive and constrained, making it inaccessible to many who wish to pursue a career in industrial cybersecurity. Moreover, being distinct areas of expertise, OT and IT require unique training approaches, which increases their inaccessibility.

When organizations lack the qualified talent they need, they become more vulnerable to threats and attacks. Consequently, there is a strong demand for skills, while the number of skilled people remains limited.

Currently, the skills shortage is being addressed through a combination of in-house staff and outsourced contractors. Most organizations require IT hires to acquire or possess OT security skills. However, larger organizations will allocate positions for dedicated OT security personnel or hire external firms to handle certain parts of their ICS/OT, especially regarding threat surveillance and incident response.

To exacerbate the situation, our industry lacks diversity in talent, gender, and age - which is common knowledge to us all. However, greater diversity would bring many benefits that cannot be achieved through any other means.

Having a diverse team is advantageous in problem-solving as it brings together individuals from different backgrounds and perspectives. This can result in more creative ideas, innovative solutions, better decisions, and improved outcomes, alongside potentially mitigating risks due to the variety of insights available.

We must initiate open dialogues to discuss the obstacles preventing our industry from achieving greater inclusivity and diversity.

Vendors are here to help
The security and resilience of critical national infrastructure are becoming increasingly important as the landscape continues to deteriorate. To ensure the safety and stability of national services, public and private sector partners are coordinating to enhance these infrastructures.

The COVID-19 pandemic and the war in Ukraine’s impact on global supply chains have demonstrated that countries are more connected economically than ever before. Such issues affect us all in some way, not just North America and Europe.

The intertwined complexities of critical infrastructure in most nations demand that the public and private sectors enhance their partnerships to protect critical services, reduce current security vulnerabilities, and mitigate potential risks posed to supply chains and national security.

However, trust and complexity issues hinder information sharing among public-private partnerships, posing an increased threat to national and economic security.

A call to action
There have been calls for global agencies to leverage the combined resources and expertise of national governments, industries, and other stakeholders to share trusted information, which evidence shows is starting to happen.

Increased intelligence sharing by agencies such as CISA, ENISA, and NCSC is beneficial, as it allows for informed decisions and timely actions that can enable security and resilience activities. The exchange of information is also vital. In some cases, government data declassification has gone from taking months to taking only hours, which adds power to the organization's defense against mitigating attacks.

In the previous edition of our Buyer Guide, we highlighted:

An inventory of all OT, IT, and IIoT assets, processes, and connectivity paths in the OT environment will provide necessary data to help tackle inherent risks from vulnerabilities and misconfigurations.



Introducing the ETHOS platform
As if responding to this call to action, several industry leaders recently announced a new open initiative to improve the availability of OT/ICS devices and networks for data sharing and collaboration; the ‘ETHOS’ platform. This project aims to provide an OT-centric, vendor-agnostic, open-source ETHOS platform so that cybersecurity teams and stakeholders can improve industrial process automation, optimize production, and reduce operational costs.

ETHOS
Launched in April 2023, by a leading group of OT vendors, the platform can anonymously share early warning threat information across industries with peers and governments, enabling them to investigate early threats and discover new attacks. If ETHOS proves to be useful and is widely adopted, it could be a remarkable achievement in the industry.

Furthermore, at this year's RSA Conference, MITRE launched a promising initiative: an extension of its Caldera cybersecurity framework, ‘MITRE Caldera for OT.’

The tool allows security teams to run automated adversary emulation exercises targeted at OT environments. Built on the MITRE ATT&CK for the ICS framework, MITRE Caldera for OT mimics the attack path and attacker capabilities defined through ATT&CK for ICS or other custom-built plug-ins.

Organizations can use cyber risk analysis and adversarial emulation tools to disrupt the cyber kill chain and enhance the protection of critical infrastructure environments.

This is not just a big company problem
Inclusivity must also be extended to smaller, less well-resourced organizations/nations, and minimizing cyber risks should not be limited to public utilities, large corporations, and government departments. As a global industry, we must include smaller organizations and nations in the picture.

After all, nation-state actors do not need to target the largest organizations to cause chaos and panic. In fact, it might make more sense for them to target the smaller ones, which is something we need to realize to enhance the coverage.

Having said that, well-intentioned governmental initiatives could mistakenly create more frustrations if they were to employ a ‘one-size-fits-all’ approach. For initiatives to be successful, they must consider the nature, size, and resources of the entity at hand.

As Fitch Ratings recently highlighted, if the US EPA mandate for public water systems were to include cyber risk and resiliency reviews, this would create additional regulations and financial burdens. Hence, smaller systems and those with minimal existing cyberinfrastructure could struggle to manage such initiatives.

Risk Management and Cyber Security Engineering
Technological advancements are transforming industrial markets as businesses evolve their models to capitalize on these innovations.



While new technologies and systems may offer efficiency gains, they also present some risks. It is, therefore, essential to identify, understand, manage, and appropriately mitigate these emerging threats.

This would involve an explanation of risk appetite, implementation of mitigation strategies, and communication between all stakeholders. Moreover, these processes should be transparent to ensure effective risk management.

Consequence-driven Cyber-informed Engineering (CCE)
Risk management discussions continue to evolve and mature. For example, some suggest that rather than focusing on vulnerabilities and threats, we should hone in on the consequences of cyber incidents instead. These include enhancing future decision-making, prioritizing cybersecurity investments, and improving the overall security and resilience of critical systems.

This is known as Consequence-driven Cyber-informed Engineering (CCE) and it is becoming a widely debated approach when designing and securing critical infrastructure systems. CCE actively seeks to reduce risks to critical infrastructure by analyzing the impact cyber incidents can have on system operations, safety, and reliability. Ultimately, CCE pushes risk management to the forefront.

Developed by the U.S. DoE (Department of Energy) at the INL (Idaho National Laboratory), CCE focuses on securing national critical infrastructure systems.

The methodology assumes that if critical infrastructure is targeted by a competent adversary, it will be breached. According to the INL:

Consequence-driven, cyber-informed engineering enhances risk assessment for cybersecurity by combining first-principles thinking with engineering ingenuity.

Product and Supply Chain Security
All organizations should be aware of the risks associated with product and supply chain attacks. Such attacks are a concern for cybersecurity experts because a single attack on one supplier can trigger a chain reaction and compromise a network of providers. As a result, supply chain attacks are a crucial element in understanding and mitigating security risks.

Enterprises that were previously concerned with their own risks, must now account for the more extensive supply risk that connected devices present. For example, the Pentagon was previously the target for such attacks, but now a significant amount of valuable technical intelligence is held by defense contractors who are equally susceptible to attacks.

Every connected device within the environment brings its own extensive supply chain risk, with the weakest link ultimately influencing the entire supply chain’s security level. As it stands, enterprises are vulnerable to the risks of every connected device within their supply chain. This calls for an update in strategies and taking a holistic approach to product and supply chain security to mitigate the associated risks.

Industrial asset owners and operators are increasingly discussing how to use and implement proactive ‘secure-by-design’ and ‘secure-by-default’ strategies to reduce risk. Likewise, industrial CISOs are looking for solution vendors to ease their integration burden.

The evolution towards value-based cybersecurity strategies and ‘secure-by-design’ initiatives are promising. However, OT and industrial cybersecurity environments remain underfunded, while deployed solutions suffer from a lack of basic care and trust.

Ultimately, asset owners and their vendors need to explore how to eliminate vulnerabilities by implementing cybersecurity in all stages of product development and delivery. They must also address who will be responsible for maintaining security once the asset is deployed. ‘Secure by default’ can be easily switched off, so the accountability extends well beyond the vendor and supply chain - end-users have a vital role to play as well.



Business Concerns

Diversity and Collaboration
Companies must come together with all their stakeholders to protect the industrial environment. The ever-changing threat landscape and heightened risks have made it crucial for firms to prioritize industrial cybersecurity as part of their operations. To be successful in mitigating the risks, a multidisciplinary approach is essential.

Role and Responsibilities
The lack of definition of roles and responsibilities among personnel in the event of an incident can be disastrous. Having such definitions in place and communicating them to operational staff can make a measurable difference in reducing the impact of an incident. Often, using a tool such as the RACI (Responsible, Accountable, Consulted, and Informed) model can provide clarity and structure in defining the responsibilities of various stakeholders.

Governance and Compliance
Generally, industrial cybersecurity governance remains low. In its absence, organizations often select and align with various industries or government-agency-led frameworks, such as NIST, IEC, and MITRE. Industrial enterprises and organizations are increasingly taking on the responsibility for aligning the adopted framework with their security policies, conducting risk assessments, planning for security, and preparing for incident response.

Reporting and Information Sharing
As previously mentioned, cross-organizational/cross-border partnerships and information sharing have become essential for protecting critical infrastructure and advancing cybersecurity overall.

Relevant government and industry programs, such as ETHOS, enable partnerships and information sharing with the private sector. This is highly advantageous as the private sector owns and operates most of a nation’s critical infrastructure.

Industrial Incident Response
Implementing a well-defined incident response plan is crucial for accurately locating issues and efficiently recovering the system. Industrial incident responses must include proactive elements, such as planning, incident prevention, and post-incident analysis/forensics, alongside reactive elements, which focus on detecting and managing an incident.

Reaction to a security compromise requires a swift response, including detection, containment, remediation, recovery, and restoration. Planning and alertness are also vital in mitigating the amount of downtime, data loss, and reputation damage following an attack.

Rethinking the Role of Risk Transfer
In March 2023, insurance company Lloyd’s of London announced that ‘catastrophic’ state-backed attacks will no longer be covered in their cyber insurance policies. Consequently, the wider industry is now reconsidering risk transfer in mitigation strategies.

Lloyd's decision and various litigation cases have exposed the fragility of the cybersecurity insurance sector. This is due to the combination of evolving threats, recent losses, limited comprehension, and uncertain insurer commitment to this space.

Ironically, the ambiguous language and various exclusions in cybersecurity insurance policies, combined with what seems like an inevitable litigation process, may prompt industrial enterprises to reallocate budgets to improve their risk management solutions.



Technology Concerns

Network Segmentation
Network Segmentation in the OT/ICS network is critical, however, many industrial enterprises are still lagging in network segmentation of business-critical processes. For example, firewalls that are not purpose-built for OT are not adequate, and many organizations are still deploying IT-firewalls to secure OT environments having little to no impact on the security posture.

Deciding which assets are mission-critical and which are not can be a major challenge in segmentation projects. Utilizing a consequence-based approach and conducting a crown jewel analysis can help address this issue.

System Hardening
Hardening of ICS systems is required to improve operational resilience and boost the overall cybersecurity position.

This approach works to bolster the security perimeter around interfaces that connect the control system to external networks, device connections to ICS networks, and wireless device access points.

It also encourages organizations to take preventive measures to protect their critical infrastructure, reduce their attack surface, and eliminate potential threats, safeguarding their business assets.

Many IT/OT devices and workstations have minimal, if any, hardening measures. Moreover, insufficient access management leads to physically and digitally weak access control, undermining the deployed security controls.

Industrial Identity Management and Zero-Trust
Many industrial enterprises lack proper authentication, auditing, and enforcement protocols when it comes to physical or digital asset access, particularly for third-party and remote users.

Additionally, real-time monitoring is crucial to detect abnormal behavior in insufficient logging and monitoring systems. System logs, although valuable for post-attack forensics analysis, are limited in their ability to prevent and respond to ongoing threats.

Vulnerabilities in Product Security and the Supply Chain
Numerous industrial products are launched with critical vulnerabilities that should have been addressed prior to their release. Discussions and initiatives around security-by-design, SBOMs, and VEX, among others, highlight that multiple options are available. However, further efforts are required to ensure proper alignment.

Industrial Cloud Security
Industrial cloud security is a multifaceted issue of particular importance to certain industries, such as manufacturing and BMS (building management systems). Data is often exported directly into cloud-based analytics which then needs to be addressed with proper security measures.

Zero-Trust for the Industrial Enterprise
The zero-trust model has the potential to be highly relevant to industrial cybersecurity as it assumes no implicit trust in any user or device, regardless of their location within the network. Instead, it requires verification and authentication for every access attempt, for both internal and external users.

Zero-trust principles enable a proactive approach to industrial cybersecurity, promoting the principle of continuous verification, strict access controls, and risk-based decision-making. While zero-trust concepts have the potential to bolster industrial cybersecurity, their lack of maturity means it is essential to research thoroughly before selecting a solution.



A Snapshot of Global Industry Guidelines and Regulations

Recent developments in the USA

CISA’s Cross-Sector Cybersecurity Performance Goals
CISA published a set of cross-sector cybersecurity performance goals (CPGs) to establish fundamental cybersecurity practices to reduce cyber risk across critical infrastructure sectors.

These baseline objectives will likely improve industrial cybersecurity resilience while prioritizing decisions, costs, and driving action. Likewise, they aim to improve OT cybersecurity and respond to OT cyber incidents more efficiently.

To reach and benefit non-technical audiences, the CPGs are also easily-digestible to the average reader. They were constructed using existing cybersecurity frameworks and agency observations, such as real-world threats, adversarial tactics, techniques, and procedures.

Moreover, these CPGs have recently been reorganized, reordered, and renumbered to align with NIST Cybersecurity Framework (CSF) functions. The objective here was to help organizations prioritize investments and create a comprehensive cybersecurity plan that aligns with the CSF.

Medical Device Security: FDA & HHS
In March 2023, The Department of Health & Human Services (HHS) and the Food and Drug Administration (FDA) published guidelines on establishing new cybersecurity requirements for cyber devices. This includes information that a sponsor for a premarket cyber device must include in its submission.

Healthcare stakeholders are required to present their infrastructure cybersecurity provisions that cover software bill of materials (SBOM), alongside a vulnerability disclosure report.

Designing medical devices with security features is mandatory, alongside using strategies to monitor and maintain their security, post-market and beyond. All documentation must be provided to the FDA to verify that all regulatory requirements have been fulfilled.

Recent developments in Europe

NIS 2 Directive
In January 2023, the EU adopted an updated version of the Network and Information Security Directive (NIS 2 Directive), which strengthens the cybersecurity requirements imposed on industrial companies. It also addresses the security of supply chains and supplier relationships, alongside assigning responsibility to management for failure to meet standards.

Moreover, the directive increases transparency in reporting obligations; enhances the powers of national authorities; sets stringent requirements; and works towards unifying sanction regimes. Additionally, it will help increase information sharing and cooperation on cyber crisis management at both national and EU levels.

The NIS 2 Directive covers medium and large entities from critical sectors, including providers of public electronic communications services, digital services, wastewater and waste management, manufacturers of critical products, postal and courier services, and public administration. At a central and regional level, it also covers the healthcare sector, including medical device manufacturers. This is a result of the increased security threats witnessed during the COVID-19 pandemic.

EU members must incorporate NIS 2 provisions into their national legislation by 17 October 2024.

CER Directive
In December 2022, the EU rolled out the Critical Entities Resilience (CER) Directive. It aims to expand its scope into crucial sectors and create unified cybersecurity regulations across the continent.

The CER Directive replaces previous legislation and aims to strengthen the resilience of critical infrastructure against natural hazards, terrorist attacks, insider threats, and cyber threats. It applies to 11 fundamental sectors, such as energy, transport, banking, financial market infrastructures, health, drinking water, wastewater, digital infrastructure, public administration, space, and food.



Members will need to adopt a national strategy and undertake regular risk assessments to identify the entities considered critical or vital for society and the economy. The CER is the first EU regulation to recommend quality control of critical personnel in CIP (critical infrastructure protection), including private security services.

EU Cyber Solidarity Act

In April 2023, the European Commission implemented the EU Cyber Solidarity Act which aims to strengthen cybersecurity capacities across the region.

The Act establishes EU capabilities to enhance Europe’s resilience and responsiveness to cyber threats while strengthening existing cooperation mechanisms, such as the European Cyber Shield. The Cyber Shield will establish a comprehensive network of national and transboundary Security Operations Centers (SOCs) to detect, evaluate, and warn of cyber threats across Europe.

The Act also includes a Cyber Emergency Mechanism to enhance readiness and incident response capabilities. Likewise, this mechanism will establish a new EU Cybersecurity Reserve and offer financial support for mutual assistance.

Recent developments in Australia

Cyber and Infrastructure Security Centre (CISC)

Over the last 6-12 months, the Australian government has implemented a series of new programs to protect the country's critical infrastructure and other high-risk sectors.

In February 2023, the government published the 2023 Critical Infrastructure Resilience Strategy framework to guide Australia in enhancing the security and resilience of its critical infrastructure. The document outlines how industry, state and territory governments and the Australian government will collaborate to enhance the security and resilience of critical infrastructure. It also defines how these stakeholders will anticipate, prevent, prepare for, respond to, and recover from all hazards.

In the same month, the CISC published a risk assessment advisory for the healthcare and medical sectors. The document encompasses crucial aspects of critical infrastructure risks. It covers determining the criticality of assets, comprehending interdependencies, evaluating threats and hazards, implementing risk controls and mitigations, and providing a vital risk assessment methodology. All of these components are integral to the overall framework.

In May 2023, the CISC also published its Critical Infrastructure Asset Class Definition Guidance, which applies to all relevant infrastructure sectors. The outline simplifies obligations for entities and direct interest holders. The document covers 22 critical infrastructure sectors across ten categories, helping reduce complexity and improve their operational resilience.

Vertical Specialization

There is a growing need to create a more context-specific operational environment, as each industrial enterprise sector has its own unique set of requirements.

Moreover, asset owners and operators need to optimize their limited resources, such as equipment, personnel, and funds. As awareness of cybersecurity increases and vendors develop new solutions to meet the demands of industrial sectors, there is now a larger selection of specialized technologies available to them.

The need for risk-based cybersecurity is increasing, leading to the emergence of multiple cyber start-ups focused on securing industrial supply chains and managing cyber risks. These start-ups specialize in various domains to provide tailored solutions for different needs.

For example, some vendors calculate the dollar value of an enterprise’s inherent and residual risks to provide better insurance policies for reinsurers. Furthermore, some vendors focus on specific industry verticals, catering exclusively to these market niches.

As vendors begin to understand the specific needs of critical industries, their offerings are becoming more specialized. So far, we have observed specializations in sectors such as:

Defense
Health and Medical
Power and Energy
Manufacturing
Transportation and Logistics, including sub-category specializations such as: Automotive, Maritime, Aviation, Rail

Industrial Cybersecurity Technology & Solutions

The categorization framework in this guide is designed to enable Industrial Enterprises to identify, evaluate and determine what type of technology and solution may be beneficial to their organization. The categories are designed to provide an elementary assessment of solutions; they are not an exhaustive checklist. Furthermore, the framework is not sequential. Certain solutions may be required at different points in the journey, depending on the starting point and the cyber maturity of the organization.

Categories and Sub-categories

Cyber-Physical Security and Operational Systems Health
§ Data Manipulation and Data Injection
§ OT/ICS Asset-Signal Integrity and OT Anomaly Detection
§ Predictive Maintenance

Identity and Access Management (IAM)
§ Identity Governance Across Assets and Users
§ MFA, Passwordless, and SSO
§ Policy and Role Management
§ Privileged Access Management (PAM)

Industrial IoT (IIoT) Device Security
§ Continuous Vulnerability Management
§ Embedded IoT Agent-IIoT Inventory
§ Hardware/Software
§ Secure and Validate Device Updates

Network Discovery, Monitoring and Threat Detection
§ Asset Intelligence - IT/OT/IIoT
§ Attack Path Management
§ Automated Network Inventory
§ Monitor, Alert, and Report
§ Network Anomaly and Threat Detection
§ Network Asset Discovery and Mapping

Operational IT/OT Endpoint Security and Patch Management
§ Industrial IT Endpoint Protection, EDR/xDR/EPP
§ Device-level Zero-Trust
§ Firmware, Configuration, and Patch Management
§ OT Endpoint

Perimeter Security, Segmentation, and Zone Enforcement
§ Data Diode/Unidirectional Gateways
§ Industrial Firewalls
§ Soft/Virtual/Micro-Segmentation
§ USB/Removable Media Sanitization

Product, Software, and Supply Chain Security
§ Monitoring and Remediation
§ Product Security and SDLC
§ SBOM/HBOM Analysis, VEX, File Integrity
§ Third-party Risk Management
§ Vulnerability Management

Risk Management, Governance, and Compliance
§ Exposure Reduction and Vulnerability Prioritization
§ Industrial Threat Intelligence
§ Risk Exposure Analysis and Reporting
§ Risk Management and Mitigation

Secure Remote Access
§ Access Control: ABAC/DAC/MAC/BAC
§ Audit and Compliance: Session Logging/Recording/Termination
§ Jump box, VPN Access, Converged SRA platform
§ Privileged SRA, Zero-Trust, and Identity

Social Engineering and Phishing Prevention
§ Inbox Cyber Security and Phishing Deterrence
§ Training Platforms, Behavioral Modification/Interactive Training, CBT/Video
§ Network Prevention/Enforcement
§ Secure Email Gateways

Technology & Solutions Industrial Cybersecurity Technology, Solutions & Services 12


2023 Industrial Cyber Guide
Tech & Solutions Categories

Cyber-Physical Security and Operational Systems Health

Cyber-physical security involves safeguarding the convergence of the physical and digital worlds, where physical systems are increasingly connected to digital networks. This integration of the physical and digital worlds makes them more vulnerable to cyber attacks, which can lead to significant consequences, such as disruption of services, equipment damage, and safety risks. To ensure cyber-physical security, organizations need to implement robust cybersecurity measures, such as firewalls, intrusion detection and prevention systems, encryption, access controls, and incident response plans.

Operational systems health works on ensuring the optimal performance and reliability of ICS and other operational infrastructure. It involves monitoring the health of these systems, detecting problems early, and taking corrective action before they cause disruptions or failures. To ensure operational systems' health, organizations need to implement automated monitoring and reporting systems that can continuously monitor the performance of critical infrastructure. These systems can help alert operators of problems in real-time, enabling them to take corrective action before they cause significant damage or disruption.

Overall, cyber-physical security and operational systems health are critical aspects of protecting critical infrastructure and ensuring safe and reliable operations. By implementing robust cybersecurity measures and continuously monitoring and maintaining the health of operational systems, organizations can maintain the integrity of systems, mitigate risks, and ensure safe and reliable operations.

Data Manipulation and Data Injection

OT data manipulation and data injection attacks are becoming more common as more industrial facilities and critical infrastructure become connected to the internet and other digital networks. These attacks can cause significant damage and disruption, leading to safety hazards, equipment damage, and environmental harm. To mitigate these risks, organizations need to implement robust cybersecurity measures to protect OT systems from cyber threats.

OT/ICS Asset-Signal Integrity and OT Anomaly Detection

Effective OT/ICS asset signal integrity and anomaly detection are critical components of modern industrial cybersecurity measures, helping to protect against attacks like ransomware, malware, and other malicious activities that could disrupt critical infrastructure and cause widespread damage. By leveraging advanced technologies like machine learning and artificial intelligence, organizations can more effectively identify potential threats and take proactive steps to mitigate risks before they result in significant damage or operational disruptions.

Predictive Maintenance

OT predictive maintenance helps organizations prioritize and schedule maintenance by providing real-time monitoring and alerting businesses to impending failures. However, one of the biggest obstacles preventing plant operators from implementing a successful predictive maintenance program is the integration of current OT infrastructure into contemporary IT systems. Most manufacturers frequently use third-party vendors because integrating systems costs money and is difficult to manage. As the data lacks the necessary context to generate insights and prompt action for OT systems, many people are unable to understand it.

Identity and Access Management (IAM)

OT IAM covers managing identities and access to critical ICS and other OT infrastructure, providing necessary access and privileges to carry out roles while ensuring that unauthorized individuals are prevented from accessing critical systems. It is used to ensure that only authorized users have access to critical systems and data, alongside assisting in mitigating the risk of malicious insiders or cybercriminals accessing critical systems and data, which could negatively impact operations.

OT IAM involves various processes and technologies, including identity authentication that verifies the identity of users attempting to gain access to critical systems; role-based access control that assigns access permissions and privileges based on user roles and responsibilities; and credential management that manages users' digital identities and credentials to ensure validity and prevent unauthorized access.

It also covers user provisioning and de-provisioning, which provides and removes user access based on changes to roles within an organization, and audit and compliance, which helps monitor and record user activity to ensure compliance with corporate and regulatory policies.

Identity Governance Across Assets and Users

Identity Governance lies at the center of organizational operations, as it enables and secures digital identities across systems and infrastructure and for all users, applications, and data. It allows businesses to provide automated access to an ever-growing number of technology assets while managing potential security and compliance risks. With identity as a foundation and making appropriate access decisions, organizations adopt the benefits of hyper-connectivity while ensuring that only the right people have access at the right times.

MFA, Passwordless, and SSO

These solutions are vital tools used for securing access to operational environments, which can be implemented through a host of technologies, such as smart cards, tokens, mobile devices, and biometric sensors. They can also be integrated with existing authentication systems to provide an additional layer of security. Overall, these solutions help to minimize the risk of unauthorized access and security breaches and ensure the safety and reliability of industrial operations.

Policy and Role Management

Policy management involves developing, documenting, communicating, and enforcing these policies to ensure they are followed consistently, while role management involves assigning specific responsibilities or duties to individuals or groups based on job functions, skills, and access privileges. By implementing and enforcing well-defined policies and roles, organizations can reduce the risks of cyber threats, data breaches, and non-compliance with industry regulations.

Privileged Access Management (PAM)

PAM in industrial environments refers to the practice of managing and controlling access rights for privileged users who have administrative access to critical systems, applications, and data. The approach is crucial in industrial environments to protect OT assets, prevent unauthorized access, and reduce the risk of cyber-attacks and industrial espionage. It also protects against insider threats and external cyber-attacks, prevents data loss or theft, and ensures compliance with industry standards and regulations.

Industrial IoT (IIoT) Device Security

Security vulnerabilities in IIoT devices could potentially compromise OT environments leading to a significant impact on production, safety, and operational downtime.

IIoT device security must deploy a secure authentication and authorization mechanism to prevent unauthorized access and tampering. Proper adoption of certificates and PKI infrastructure helps secure device interactions. Additionally, communication between IIoT devices should deploy strong encryption algorithms and protocols to encrypt both device communications and data payload.

Organizations should implement role-based access controls to prevent unauthorized access to sensitive systems and data. IIoT devices require continuous security updates to protect against known vulnerabilities and emerging threats. An organized patching process must be in place to ensure that all devices are properly maintained and updated. They must be segregated from other networks and systems to limit the ability of an attack to compromise other parts of the network. Overall, implementing robust IIoT device security measures is critical to protecting OT environments.

Continuous Vulnerability Management

Continuous vulnerability management is a critical component of maintaining the security and resilience of OT environments, as it helps ensure that any vulnerabilities are identified and remediated before being exploited by attackers. Constant assessment of the risk posture of the OT environment enables organizations to remain vigilant and resilient to potential threats across organizational devices, systems, and applications.

It also focuses on what must work together seamlessly to bring about safe and reliable operations. However, this complexity also creates security vulnerabilities that can be exploited by cyber attackers.

Embedded IoT Agent-IIoT Inventory

Embedded IoT agent-IIoT Inventory across OT environments covers software integrated into IIoT (Industrial Internet of Things) systems that manage inventory and supply chain processes within OT environments.

These elements play a crucial role in collecting and transmitting data to a centralized platform for real-time tracking and analysis of inventory and supply chain processes. They also enable businesses to stay ahead of the competition by optimizing inventory and supply chain processes, reducing costs, and improving productivity.

Hardware/Software

OT hardware and software detect or cause a change through the direct monitoring and/or control of physical devices, processes, and events in the enterprise. Periodic hardware and software scans must be executed to detect any unauthorized hardware or software changes and identify any unauthorized hardware and non-essential software applications installed within the infrastructure.

Secure and Validate Device Updates

Secure and validated updates reduce the risk of unauthorized access, system vulnerabilities, and potential disruptions, safeguarding critical infrastructure and ICS environments. The practice works on securely deploying and verifying updates or patches to OT devices to maintain the reliability, availability, and security of OT infrastructure. It calls for appropriate authentication and authorization, delivery of updates over secure channels, integrity verification, and appropriate monitoring and anomaly detection.

Network Discovery, Monitoring, and Threat Detection

Network discovery, monitoring, and threat detection enable proactive identification of potential threats, timely response to security incidents, and continuous monitoring to ensure the integrity and availability of critical infrastructure systems.

Network discovery helps in maintaining an inventory of devices, understanding the network topology, and identifying potential vulnerabilities or misconfigurations that could be exploited by attackers. It provides a foundation for effective network monitoring and threat detection.

Network monitoring involves the continuous observation and analysis of network traffic and activities within an OT environment. It helps in identifying and managing network performance, detecting anomalies or irregularities, and ensuring the availability and reliability of critical systems.

Threat detection involves actively monitoring the network for known and emerging threats that could compromise the OT environment. It focuses on identifying indicators of compromise (IoCs), suspicious behaviors, or anomalies that may indicate a security incident or unauthorized access attempts.

Asset Intelligence - IT/OT/IIoT

Asset Intelligence covers the process of gathering, analyzing, and leveraging information about assets in various domains, including IT, OT, and IIoT. It involves understanding and managing the characteristics, performance, dependencies, and vulnerabilities of assets to make informed decisions and optimize use.

Attack Path Management

In OT environments, attack path management works on identifying, analyzing, and managing potential attack paths that malicious actors could exploit to compromise critical systems or infrastructure. It involves understanding the interconnectedness of various components within the OT network, assessing vulnerabilities, and implementing measures to mitigate the risks associated with these attack paths.

Automated Network Inventory

Automated network inventory helps to automatically discover, identify, and catalog all network-connected assets and associated attributes. It involves using specialized tools or software to scan the OT network and collect relevant information about devices, systems, and configurations. By implementing automated network inventory processes, organizations can improve their understanding of the OT network infrastructure, enhance security management practices, and streamline asset-related activities.

Monitor, Alert, and Report

These practices cover continuous surveillance of critical systems, the generation of alerts for potential issues or anomalies, and the creation of reports to provide insights into the operational status and security posture of the OT infrastructure. Effective monitoring, alerting, and reporting practices in OT environments enable proactive identification of issues, timely response to incidents, and the ability to make data-driven decisions.

Network Anomaly and Threat Detection

Network Anomaly and Threat Detection help ensure the security and reliability of OT systems by detecting and mitigating potential threats, including cyberattacks, equipment failures, or operational errors. It works towards monitoring and identifying abnormal or suspicious activities within the networks and systems that control industrial processes and critical infrastructure.

Network Asset Discovery and Mapping

Network Asset Discovery and Mapping work on gaining visibility and maintaining an accurate inventory of all the assets present in the OT environment. This information is critical for effective network management, security, maintenance, and compliance purposes.

Operational IT/OT Endpoint Security and Patch Management

Operational IT/OT endpoint security and patch management focuses on protecting and maintaining the security of endpoints used in critical infrastructure and industrial processes. The open-ended process requires regular monitoring, assessment, and adaptation to address emerging threats and vulnerabilities.

Endpoint security brings together various measures to protect endpoints from unauthorized access, cyber threats, and vulnerabilities. Access controls implement strong authentication mechanisms, privileged access management, and role-based access controls. Antivirus and antimalware solutions specifically designed for OT systems are deployed to detect and block malicious software that can compromise endpoint security. Application whitelisting allows only approved applications to run on endpoints, thus preventing the execution of unauthorized or potentially malicious software. Furthermore, organizations can implement network segmentation to isolate OT endpoints from other networks, reducing the attack surface and limiting the potential impact of a security breach.

When it comes to vulnerability management, organizations must conduct regular assessments that help identify vulnerabilities in endpoint devices. Appropriate security patches and updates must also be applied to these endpoints promptly to address known vulnerabilities. Organizations must review and manage the configurations of endpoint devices to ensure they align with security policies and industry best practices. They must also implement endpoint security and patch management practices that align with applicable regulations and standards, such as NIST SP 800-82, IEC 62443, or ISO 27001, ensuring that organizations meet necessary security requirements.

Industrial IT Endpoint Protection, EDR/xDR/EPP

Industrial IT Endpoint Protection is vital for safeguarding critical infrastructure, ensuring the availability and integrity of industrial processes, and mitigating the risks associated with cyber threats in industrial environments. By implementing comprehensive security measures and regularly updating endpoint protections, organizations can enhance the resilience of industrial IT infrastructure.

Device-level Zero-Trust

Implementing device-level zero-trust across OT endpoints requires a combination of technology, processes, and security controls tailored to the unique characteristics of OT environments. It helps organizations enhance security, protect critical infrastructure, and ensure the integrity and availability of operational processes. Device-level zero-trust will have a bearing on authentication and authorization, continuous authentication, least privilege access, micro-segmentation, device integrity and health monitoring, device behavior analytics, and secure remote access.

Firmware, Configuration, and Patch Management

Firmware, configuration, and patch management are critical for maintaining security, reliability, and accessibility across operational IT/OT endpoints, as they manage and maintain the firmware, configurations, and software patches of endpoint devices. These practices focus on ensuring that endpoints have up-to-date firmware, secure configurations, and the latest patches to address vulnerabilities.

OT Endpoint

Securing and managing OT endpoints is critical to offering the availability, reliability, and safety of industrial processes. Effective measures must be implemented to protect OT endpoints from cyber threats while maintaining the integrity of critical infrastructure.

Perimeter Security, Segmentation, and Zone Enforcement

Perimeter security, segmentation, and zone enforcement are essential for protecting critical infrastructure and preventing unauthorized access or disruptions. By implementing these measures, organizations can establish secure boundaries, control access, and limit the impact of security incidents within OT networks. It also protects and secures the boundaries and internal network segmentation of OT systems.

Deploying firewalls at the network perimeter is a fundamental measure to enforce security boundaries. Firewalls control and monitor incoming and outgoing network traffic, allowing only authorized communication and blocking potential threats. Organizations can also deploy IDS/IPS solutions to detect and prevent unauthorized access attempts, abnormal network behavior, and known attack patterns at the network perimeter. VPNs also help provide secure remote access to OT networks by encrypting communication between remote users and the OT environment, preventing unauthorized access and protecting data in transit.

When it comes to segmentation, dividing the OT network into logical segments or VLANs (Virtual Local Area Networks) based on operational needs and security requirements helps to limit the spread of threats within the network and reduces the attack surface. Additionally, organizations can physically isolate sensitive or critical systems from less critical or vulnerable systems by using separate network switches, routers, or air-gapped networks.

Organizations also enforce zones to strengthen perimeter security. Implementing DMZs separates external-facing systems, such as web servers or external data exchanges, from internal OT networks. Perimeter Access Control uses strict access controls to regulate and monitor access to OT environments from external networks. Access Control Lists can be used to define and enforce access policies and restrictions at the network level.

Data Diode/Unidirectional Gateways

Data diodes provide an additional layer of protection for sensitive networks, enabling controlled and secure data transfer in environments where data leakage or unauthorized access is a significant concern. They enable data to flow in one direction only, typically from a high-security network (source) to a lower-security network (destination), while preventing any data or information from flowing back to the source network.

Industrial Firewalls

Industrial firewalls help secure OT networks, safeguard critical infrastructure, and protect ICS from cyber threats and attacks. Advanced capabilities and specialized features help defend against network-based attacks, enable secure remote access, and enforce strict access controls, ensuring the secure operation of industrial processes.

Soft/Virtual/Micro-Segmentation

This technique improves network security and mitigates the risks associated with lateral movement of threats in modern complex IT environments. By implementing this practice, organizations can achieve enhanced network visibility, fine-grained access control, and isolation of critical assets, bolstering overall security posture.

USB/Removable Media Sanitization

This technique improves network security and mitigates the risks associated with lateral movement of threats in modern complex IT environments. By implementing this practice, organizations can achieve enhanced network visibility, fine-grained access control, and isolation of critical assets, bolstering overall security posture.

Product, Software, and Supply Chain Security

Implementation of robust security measures throughout the product lifecycle, supply chain, and operational processes enables organizations to reduce the risk of vulnerabilities, unauthorized access, and disruption to OT systems, safeguarding operations and protecting against potential cyber threats. It also covers specific measures and practices employed to ensure the security and integrity of products, software applications, and the entire supply chain within OT systems and infrastructures.

Product security in OT involves designing and manufacturing devices that are resistant to cyber-attacks and other forms of tampering. It covers measures taken to protect the security and integrity of physical products, such as devices or equipment. It can also include implementing secure boot processes to ensure only trusted firmware can run on the device and hardening firmware to protect against exploitation of vulnerabilities.

Focused on protecting applications and software systems from potential threats and vulnerabilities, software security aims to ensure that the software running on OT systems is free from vulnerabilities and other security weaknesses. Software must be updated and patched regularly to address known security issues, and secure coding practices must be used when developing new software.

Supply chain security in OT involves ensuring that components and devices used in OT systems are authentic and free from tampering. This can include verifying the authenticity of devices and components before they are installed and implementing secure supply chain processes to prevent unauthorized access to devices and components.

Monitoring and Remediation

By proactively monitoring for vulnerabilities, intrusions, and suspicious activities, organizations can swiftly identify and respond to security incidents, minimizing potential damages and protecting systems from threats. They also help in immediate remediation ahead of adversarial attacks.

Product Security and SDLC

Blending product security, software security, and supply chain security considerations into the SDLC establishes that organizations can effectively mitigate risks, identify vulnerabilities, and respond to security incidents. The holistic approach ensures that security is addressed at every stage of the development and deployment process, helping to safeguard products, software, and supply chains against potential threats.

SBOM/HBOM Analysis, VEX, File Integrity

These methods help organizations monitor and contribute towards the identification and remediation of vulnerabilities, prioritization of security efforts, and maintenance of the integrity and trustworthiness of critical files and components.

Third-party Risk Management

Organizations can minimize the potential security risks associated with external dependencies by implementing third-party risk management practices. It helps ensure that third-party products, software, or components meet the required security standards, protecting against vulnerabilities, breaches, or disruptions that may arise from the involvement of external entities.

Vulnerability Management

Vulnerability management helps organizations minimize the risk of exploitation, protect against potential breaches or compromises, and ensure the security and integrity of products, software, and supply chain.

Risk Management, Governance, and Compliance

By implementing effective risk management practices, establishing governance frameworks, and adhering to regulatory requirements, organizations can enhance the security and resilience of OT systems.

Risk management involves conducting comprehensive assessments to identify and understand potential threats, vulnerabilities, and the potential impact on OT systems and operations. With a good risk management blueprint in hand, organizations get a broad perspective on identifying the industrial risks that could cause a company to fail to meet its strategies and objectives. Given the volatility that exists in the landscape, the risk management process should be audited periodically to make sure weaknesses are identified and addressed, enabling continual improvement.

When it comes to governance, organizations work on establishing policies, procedures, and frameworks to guide decision-making, risk management, and operational practices. This includes creating policies and guidelines that define security objectives, roles and responsibilities, and acceptable use of OT systems and resources. They also work on adhering to industry standards, regulatory requirements, and best practices to ensure the security and compliance of OT systems.

Compliance primarily covers adhering to specific regulations and standards applicable to OT environments, such as NERC CIP, IEC 62443, or sector-specific regulations for critical infrastructure. Organizations must

conduct regular audits to assess compliance with established security controls and regulatory requirements. They must also establish incident response procedures to handle security incidents, including reporting requirements to regulatory bodies, law enforcement, or relevant authorities.

Exposure Reduction and Vulnerability Prioritization

Organizations can reduce the attack surface, strengthen the security posture of OT environments, and mitigate risks to critical infrastructure, operations, and personnel safety by focusing on reducing exposure and effectively prioritizing vulnerabilities. Exposure reduction focuses on minimizing the potential attack surface and vulnerabilities, using appropriate measures to reduce exposure risk. Vulnerability prioritization largely focuses resources and efforts on addressing critical vulnerabilities effectively.

Industrial Threat Intelligence

Leveraging industrial threat intelligence enables organizations to proactively identify and respond to emerging threats, enhance security practices, and maintain compliance with regulations and standards specific to OT environments. These sources include both open-source intelligence (OSINT) and commercial intelligence providers that specialize in monitoring and analyzing threats specifically targeting industrial environments.

Risk Exposure Analysis and Reporting

Risk exposure analysis involves evaluating and quantifying the potential impact and likelihood of risks to OT systems and operations so that organizations understand the magnitude of risks and prioritize mitigation efforts. Effective risk reporting enables informed decision-making, drives risk awareness, and supports compliance efforts.

Risk Management and Mitigation

Risk management uses processes, methods, and tools that help organizations identify what could go wrong, evaluate which risks should be dealt with, and implement strategies to deal with those risks. Risk Mitigation implements various measures to reduce or mitigate identified risks, such as applying security controls, implementing redundancy, or introducing intrusion detection and prevention systems.

Secure Remote Access

In industrial frameworks, secure remote access strikes a balance between operational efficiency and maintaining a robust security posture. By implementing appropriate security measures and adhering to best practices, organizations can enable remote access while safeguarding critical OT systems and infrastructure from unauthorized access and potential cyber threats. The approach allows authorized personnel to remotely access and monitor OT systems, reducing the need for physical presence at the facility or site, enabling faster response times, efficient troubleshooting, and improved operational efficiency.

Secure remote access typically involves the use of virtual private networks (VPNs) or other secure remote access technologies, which can encrypt the data being transmitted between the remote user and the OT system. This helps to protect against interception and unauthorized access to OT systems. Alongside using secure technologies, secure remote access often involves implementing strict access control measures, which may include requiring multi-factor authentication to ensure that only authorized users can access the system, and limiting access to only those users who require it for the job.

Another important aspect of secure remote access is monitoring and logging of remote access sessions. This can include keeping a record of which users accessed the system, when they accessed it, and what actions they took while connected.

Access Control: ABAC/DAC/MAC/RBAC

Effective access control measures for secure remote access in OT environments can include the use of strong authentication methods, implementing user role-based access control, using firewalls to restrict access to specific IP addresses and/or ports, limiting the ability to remotely modify system configurations and settings, and restricting the duration of remote access sessions to minimize exposure. Some commonly used access control models include Attribute-Based Access Control (ABAC), Discretionary Access Control (DAC), Mandatory Access Control (MAC), and Role-Based Access Control (RBAC).

Audit and Compliance: Session Logging/Recording/Termination

Roping in robust audit and compliance measures, including session logging, recording, and termination, enables organizations to maintain visibility, accountability, and traceability of remote access activities in OT environments. Helping organizations maintain accountability, traceability, and compliance with regulatory requirements, these mechanisms contribute to security monitoring, incident response, compliance management, and overall risk reduction.

Jump box, VPN Access, Converged SRA platform

Technologies like jump boxes, VPN access, and converged SRA platforms enable organizations to establish secure remote access in OT environments. These allow authorized personnel to remotely manage and monitor OT systems while maintaining the necessary security controls. The specific choice of technology depends on factors such as the organization's security requirements, infrastructure complexity, and regulatory compliance obligations.

Privileged SRA, Zero-Trust, and Identity

These mechanisms contribute to enhancing security, reducing the risk of unauthorized access, and improving accountability across OT systems. They play crucial roles in enhancing security and minimizing risks.

Social Engineering and Phishing Prevention

Social engineering is the art of manipulating individuals to divulge sensitive information or perform actions that may be harmful to an organization's security. In OT environments, social engineering can be particularly damaging, as it can lead to the compromise of critical infrastructure systems.

Phishing is a specific type of social engineering that involves the use of fraudulent emails, text messages, or websites to trick individuals into divulging sensitive information such as usernames, passwords, or financial information. In an OT environment, phishing attacks can be particularly dangerous, as they can be used to gain access to critical systems and cause damage or disruption.

Phishing prevention in OT environments involves a combination of technical controls and user education. Organizations must implement email security measures to prevent fraudulent emails from reaching users and conduct regular phishing awareness training for employees to educate them on the dangers of phishing and how to identify and report suspicious emails. They must also adopt multi-factor authentication (MFA) for access to critical systems, to prevent unauthorized access even if a user's credentials are compromised.

Inbox Cyber Security and Phishing Deterrence

Organizations must work to protect users' inboxes from malicious emails and actively discourage phishing attempts. The adoption of robust inbox cybersecurity measures enables organizations to significantly reduce the risk of successful phishing attacks in OT environments. These measures, combined with user education and awareness, help create a more secure email environment and enhance the overall resilience against social engineering threats.

Training Platforms, Behavioral Modification/Interactive Training, CBT/Video

Organizations must utilize training platforms, behavioral modification/interactive training techniques, CBT modules, and videos to effectively educate employees on social engineering and phishing prevention in OT environments. These approaches enhance awareness, promote responsible behavior, and equip employees with the skills and knowledge to recognize and respond appropriately to potential security threats. They largely work on driving behavioral changes regarding social engineering and phishing prevention.

Network Prevention/Enforcement

Organizations can significantly improve defense against social engineering and phishing attacks in OT environments by implementing strong network prevention and enforcement measures. These controls offer proactive security, reveal suspicious activity, and aid in preventing malicious actors from breaching the network and gaining unauthorized access to vital systems.

Secure Email Gateways

By using a secure email gateway, organizations can scan incoming and outgoing emails for malicious content. It can also be configured to block or quarantine suspicious emails from known malicious sources, quarantine suspicious emails, and protect OT systems. Additionally, secure email gateways can also be used to help prevent data leakage and unauthorized access to sensitive information.

Industrial Cybersecurity Services

The categorization framework in this guide has been designed to identify, evaluate and determine those services that will add value and benefit the cybersecurity posture of the operational environment. These categories are designed to offer a preliminary assessment of services and introduce vendors who deliver those services. Therefore, it is not an exhaustive checklist. Furthermore, the framework is not sequential, as organizations may require certain services across different points within the journey.

Some services will likely be ad-hoc, while others may be continuous, depending on the starting point and the cyber maturity of the industrial organization at hand. Moreover, it also depends on the risk appetite of the organization.

Categories and Sub-categories

Assessments and Testing
• Asset Discovery, Inventory Hygiene, and Diagnostic Assessments
• Conduct Gap, Vulnerability, and Risk Assessment/Audit
• Governance, Policy, and Procedure Review
• Network Architecture Evaluation
• Penetration Testing
• Readiness Assessment
• Social Engineering and Phishing Testing/Assessments
• Technology Efficacy and Efficiency Evaluation

Deployment, Implementation, and Managed Services
• Acceptance Testing: Backup and Recovery
• Configuration and Patch Management
• Managed SOC and Monitoring
• Network Design and Segmentation
• Network Hardening
• Platform Integration
• SIEM/SOAR, EDR/XDR, Network, Identity, Asset, Cloud
• Systems Hardening
• Endpoint, Appliance, and Device

Incident Planning, Response, and Recovery
• Contingency and crisis planning
• Manage and remediate cybersecurity incidents
• Playbooks and Response Procedures
• Post-incident Forensics
• Threat Hunting and Investigation
• Threat Modeling and Visualization

Program Development
• Cyber Risk Management
• IIoT cybersecurity strategy/plan
• Network Architecture and Design Planning
• Program Development, Review, and Management
• Regulatory Compliance
• Security Framework and Standards Adoption
• Social Engineering and Security Awareness Program

Supply Chain and Product Security
• Continuous Monitoring
• File and Patch Integrity Service
• Product Assessment
• SBOM/HBOM Analysis
• Secure System Design, Implementation, and Development
• Third-party Risk Management
• Vulnerability Management

Train and Educate
• Cyber Range: Simulation Training
• Cybersecurity Skills Development
• OT/IT Alignment Program
• Red vs. Blue training
• Security Awareness Training
• Tabletop exercises

2023 Industrial Cyber Guide
Services Categories

Assessments and Testing

Organizations conduct assessments and testing across OT environments to proactively identify and address vulnerabilities, evaluate security controls, and enhance security and resilience across these systems. The technique evaluates the current level of knowledge and skills of OT personnel, identifying any gaps that may exist, and then developing and delivering structured training programs to address those gaps.

Asset Discovery, Inventory Hygiene, and Diagnostic Assessments

Assessments in asset discovery, inventory hygiene, and diagnostics provide visibility into the assets present, maintain accurate inventory records, and evaluate the security of OT systems. They help organizations understand the scope of OT infrastructure and identify potential vulnerabilities or issues while supporting effective asset management, vulnerability management, patch management, and configuration management.

Conduct Gap, Vulnerability, and Risk Assessment/Audit

Executing a gap and vulnerability assessment involves evaluating the current state of the OT system, identifying any potential risks and vulnerabilities, and developing a plan to mitigate or eliminate those risks. Risk assessment/audit involves reviews of system architecture, network topology, security protocols, access control measures, and other critical components of the system.

Governance, Policy, and Procedure Review

The review aims to ensure that proper governance structures are in place, policies are comprehensive and aligned with industry standards, and procedures are well-defined and followed consistently.

Network Architecture Evaluation

This evaluation throws light on the effectiveness of the network design, identifies vulnerabilities or weaknesses, and makes recommendations to improve the security, reliability, and performance of the network. It works on ensuring that the network design meets the operational and security requirements of the OT environment, including considerations for availability, scalability, and fault tolerance.

Penetration Testing

Penetration testing simulates real-world attack scenarios, enabling organizations to evaluate the effectiveness of security controls, enhance incident response capabilities, and improve the overall resilience of OT systems and infrastructure. It helps to proactively identify weaknesses and potential entry points that could be exploited by malicious actors.

Readiness Assessment

Readiness Assessment provides organizations with insights into the current state of preparedness and identifies areas that require improvement in terms of security, operational readiness, and compliance. Based on these findings, targeted action plans work on addressing any gaps and enhance overall readiness to handle the unique challenges of OT systems and infrastructure.

Social Engineering and Phishing Testing/Assessments

Conducting social engineering and phishing testing/assessments enables organizations to identify vulnerabilities in human factor security controls and raise awareness among employees about the risks associated with social engineering attacks and phishing attempts. It helps strengthen the organization's security posture and reduces the likelihood of successful attacks targeting the OT environment.

Technology Efficacy and Efficiency Evaluation

Technology efficacy and efficiency evaluation helps organizations identify weaknesses, vulnerabilities, or performance bottlenecks that require proactive measures to improve technology infrastructure and enhance the overall effectiveness and efficiency of OT systems.

Deployment, Implementation, and Managed Services

Deployment, implementation, and managed services are used within OT environments to ensure improved efficiency, reduce the risk of downtime, and enhance the overall safety and security of operations across industries.

With the intent of delivering smooth operation, security, and optimization of OT environments, these services help organizations maximize the benefits of OT investments, optimize system performance, ensure security and compliance, and provide the necessary support for efficient and reliable OT operations.

Acceptance Testing: Backup and Recovery

Acceptance testing for backup and recovery verifies that the procedures are functioning as intended. It also tests the backup process to ensure that all relevant data is backed up and that backups can be restored successfully.

Configuration and Patch Management

By implementing robust configuration management practices and staying proactive with patch management, organizations can enhance the security and resilience of OT assets, reducing the likelihood of successful cyberattacks and minimizing operational disruptions.

Managed SOC and Monitoring

Managed SOC and monitoring services give organizations the expertise, resources, and continuous monitoring capabilities necessary to protect critical OT systems and assets from emerging cyber threats. By leveraging specialized security technologies, threat intelligence, and skilled analysts, managed SOC services enhance the organization's security posture, improve incident response capabilities, and enable efficient detection and mitigation of security incidents in the OT environment.

Network Design and Segmentation

By implementing robust network design and segmentation practices in OT environments, organizations can achieve improved security, reduced attack surface, better network performance, and increased resilience. These measures help protect critical assets, prevent unauthorized access, contain security incidents, and ensure the uninterrupted operation of OT systems.

Network Hardening

When it comes to network hardening, organizations must work on securing network device configuration, network segmentation, perimeter security, network access control, network monitoring and logging, and secure network protocols.

Platform Integration

Effective platform integration enables organizations to collect and analyze data from a wide range of sources, and to use this data to drive operational efficiencies, optimize performance, and improve organizational decision-making.

SIEM/SOAR, EDR/XDR, Network, Identity, Asset, Cloud

These components work together to provide a comprehensive security posture for OT environments, enabling organizations to detect and respond to security threats in real-time. They also proactively identify and address potential vulnerabilities before they can be exploited by attackers.

Systems Hardening

Effective systems hardening is critical to reducing the risk of cyber attacks against OT systems. By reducing the attack surface, organizations can make it more difficult for attackers to gain access to critical systems and data and can minimize the impact of any successful attacks.

Endpoint, Appliance, and Device

Securing endpoints, appliances, and devices in OT environments will ensure the integrity, availability, and safety of industrial processes. It will also drive regular maintenance, updates, monitoring, and compliance with security best practices.

Incident Planning, Response, and Recovery

When it comes to OT environments, incident planning, response, and recovery require a proactive and well-coordinated approach. It involves a combination of technical controls, skilled personnel, effective processes, and continuous improvement to mitigate the impact of incidents, minimize downtime, and ensure the operational resilience of OT systems and processes. These activities are crucial for minimizing the impact of incidents, restoring operations, and ensuring the resilience of the OT environment. The mechanism used primarily focuses on preparing for, responding to, and recovering from security incidents and disruptions that may impact the OT systems and industrial processes.

The game plan involves a combination of technical controls, skilled personnel, effective processes, and continuous improvement to mitigate the impact of incidents, minimize downtime, and ensure the operational resilience of OT systems and processes.

Contingency and crisis planning

Contingency and crisis planning deliver a proactive and comprehensive approach to managing and mitigating the impact of disruptions or crises. By anticipating potential risks, organizations can work on developing appropriate strategies and maintaining preparedness, thus enhancing the resilience of OT systems and minimizing downtime during critical incidents.

Manage and remediate cybersecurity incidents

A clear communication channel, well-defined incident response roles and responsibilities, and collaboration between different teams are necessary for managing and remediating cybersecurity incidents in OT environments. By implementing robust incident response processes, organizations can manage and remediate cybersecurity incidents, protect critical industrial processes, and maintain the security and resilience of OT environments.

Playbooks and Response Procedures

Playbooks and response procedures provide a structured and standardized approach to incident response, enabling organizations to respond efficiently, reduce incident resolution time, minimize the impact of incidents, and maintain the security and resilience of OT systems and processes.

Post-incident Forensics

Following a cybersecurity incident, organizations must adopt a streamlined process that investigates and analyzes the cyber breach. It involves gathering and examining digital evidence, conducting forensic analysis, and reconstructing the events that led to the incident. This will help throw light on the root cause of the incident, identify the extent of the compromise, and gather information that can be used for remediation, legal purposes, and future incident prevention.

Threat Hunting and Investigation

A proactive process of searching for and identifying potential threats and malicious activities within the OT network, threat hunting and investigation involves collecting and analyzing data from various sources to uncover indicators of compromise (IoCs), signs of unauthorized access, or suspicious behaviors that may indicate a security breach. The key objective is to detect and respond to threats before they can cause significant damage or disruption to critical industrial processes.

Threat Modeling and Visualization

Threat modeling and visualization provide a structured approach for identifying and addressing security concerns, enabling organizations to make informed decisions about security controls and risk mitigation strategies.

Program Development

Program development designs and implements a comprehensive cybersecurity program addressing the unique security challenges and requirements of OT systems. It involves establishing the necessary policies, procedures, and controls to protect critical infrastructure, industrial control systems, and other OT assets from cybersecurity threats. The goal of program development in OT environments is to build a structured and proactive approach to managing cybersecurity risks and ensuring the resilience of OT operations.

Cyber Risk Management

A critical aspect of program development in OT environments, cyber risk management involves a systematic approach to identifying, assessing, and mitigating cybersecurity risks, ensuring the protection and resilience of OT systems against evolving threats. By incorporating risk management practices into program development, organizations can effectively address the unique security challenges posed by OT environments and establish a robust cybersecurity posture.

IIoT cybersecurity strategy/plan

As OT systems increasingly leverage IIoT technologies for improved connectivity and operational efficiency, it becomes crucial to establish
a comprehensive cybersecurity strategy to address the unique challenges and risks associated with IIoT deployments. The plan must include identifying the IIoT assets, assessing the risks associated with each asset, charting a risk management plan, defining policies and procedures, implementing appropriate security controls, and monitoring and continuous maintenance of the IIoT cybersecurity strategy/plan.

Network Architecture and Design Planning

Network architecture and design planning within the broader program development in OT environments involve implementing secure and resilient network infrastructures to support the communication needs of OT devices and systems. These approaches set the structure for how data flows to, from, and between resources within the organizational framework.

Program Development, Review, and Management

Program development, review, and management encompass systematic and ongoing processes involved in designing, evaluating, and maintaining a robust OT security program. By defining clear objectives, establishing governance structures, conducting regular assessments, and managing resources, organizations can enhance the security posture of OT environments and better mitigate cyber threats.

Regulatory Compliance

By incorporating regulatory compliance into program development, organizations can establish a strong foundation for maintaining a secure and compliant OT environment. Compliance with regulations helps organizations minimize legal and operational risks, protect critical infrastructure, and demonstrate commitment to maintaining a secure OT environment.

Security Framework and Standards Adoption

Adoption of appropriate security frameworks and standards can help organizations benefit from established guidelines and best practices to enhance the security posture of OT environments. These frameworks and standards help organizations establish a comprehensive and consistent security program while aligning with industry best practices and regulatory requirements.

Social Engineering and Security Awareness Program

Implementation of a comprehensive social engineering and security awareness program can reduce the risk of successful social engineering attacks in OT environments. Increased awareness and vigilance among employees can serve as a powerful defense against social engineering threats, enhancing the overall security posture of the organization's OT systems and operations.

Supply Chain and Product Security

Supply chain and product security include various measures and practices implemented to ensure the integrity, confidentiality, and availability of components, systems, and software throughout the supply chain lifecycle. It involves managing the security risks associated with procuring, developing, deploying, and maintaining OT products and solutions, in addition to ensuring that all products and components used in the OT environment are secure and free from potential vulnerabilities.

Continuous Monitoring

Continuous monitoring provides organizations with real-time visibility into the security posture of the supply chain and OT products. By actively monitoring and assessing the ecosystem, organizations can proactively detect and respond to security threats, vulnerabilities, and incidents, minimizing potential risks and ensuring the integrity, confidentiality, and availability of OT environments.

File and Patch Integrity Service

Monitoring and verifying file integrity and patch management allows organizations to ensure the trustworthiness and integrity of software and firmware components throughout the supply chain and product lifecycle. The approach helps organizations maintain the trustworthiness and integrity of software and firmware components, reducing the risk of security breaches, operational disruptions, and compromised systems.

Product Assessment

Executing product assessment is carrying out due diligence and determining the security of products and components before they are integrated into the OT environment to ensure that they are free from potential vulnerabilities. Organizations must identify products and components, conduct security assessments, test for vulnerabilities, analyze security controls, develop risk management plans, and monitor and maintain the security of products and components on an ongoing basis.

SBOM/HBOM Analysis

SBOM analysis involves creating a list of software components used in a product or system, while HBOM analysis covers all hardware components used across the product or system. SBOM/HBOM analysis will identify any potential security risks associated with the use of specific software or hardware components, and detect anomalies in the organizational framework.

Secure System Design, Implementation, and Development

Organizations must execute secure system design, implementation, and development plans that adopt a proactive and holistic approach to security, continually assessing and updating security measures to adapt to evolving threats. These concepts help establish security practices to protect against threats such as unauthorized access, tampering, data breaches, and malicious activities.

Third-party Risk Management

Third-party risk management deals with the interconnected business landscape that organizations must account for, as they rely on third-party vendors, suppliers, and service providers to support operations. However, these external entities can introduce potential security risks if not properly managed.

Vulnerability Management

Vulnerability management involves identifying, assessing, and mitigating vulnerabilities in products and components used in the OT environment. Organizations can bolster the resilience and security of OT environments, protect critical infrastructure, and mitigate the risks associated with potential vulnerabilities by implementing a comprehensive vulnerability management program across the supply chain and product security.

Train and Educate

Train and Educate services involve establishing a security culture that works on training and educating employees and stakeholders on the unique needs and challenges of the OT environment. With this outlook, organizations can better manage risks, respond to incidents, and proactively handle security challenges in OT infrastructure by improving the knowledge, abilities, and awareness of staff. The goal is to ensure that everyone involved in managing and maintaining these systems has the knowledge and skills necessary to minimize the risk of cyber-attacks and other security incidents.

Cyber Range: Simulation Training

Cyber Range uses simulation training to create realistic virtual environments that simulate cyber attacks, vulnerabilities, and incidents specific to OT systems. It provides a controlled and safe environment for training personnel on how to detect, respond to, and mitigate cyber threats in OT infrastructure. It delivers practical experience, enhances incident response capabilities, and develops a proactive and resilient security posture in the face of evolving cyber threats.

Cybersecurity Skills Development

Cybersecurity skills development works on improving the technical expertise and knowledge of employees and stakeholders who are responsible for managing and maintaining industrial control systems and other critical infrastructure. This may include training on the latest cybersecurity threats and best practices, as well as hands-on experience with security tools and technologies. The goal is to ensure that everyone involved in OT environments has the skills and knowledge necessary to detect, prevent, and respond to cyber-attacks and other security incidents.

OT/IT Alignment Program

An OT/IT alignment program works on aligning technology roadmaps, defining common standards and protocols, and establishing clear lines of communication and accountability. It may also involve developing joint training and development programs to ensure that both teams have the skills and knowledge necessary to work together effectively. The benefits of an OT/IT alignment program include improved operational efficiency, reduced downtime, and enhanced security and compliance.


Red vs. Blue training

Red vs. Blue training provides a realistic and practical approach, enabling organizations to identify vulnerabilities, strengthen defenses, and prepare personnel to respond to cyber threats. It helps improve incident response capabilities and enhances security across critical environments.

Security Awareness Training

Security Awareness Training works on educating employees and stakeholders on the importance of cybersecurity and how to identify and respond to security threats. It allows organizations to create a security-conscious workforce that actively contributes to the protection of critical infrastructure.

Tabletop exercises

Tabletop exercises prepare OT environments for potential cybersecurity incidents or operational disruptions, delivering a safe environment for testing response strategies, enhancing communication and coordination, and identifying areas for improvement. These exercises aim to assess, validate, and improve the effectiveness of incident response plans and procedures across OT systems.



VENDOR DIRECTORY

Industrial Cybersecurity Technology & Solutions

Cyber-Physical Security and Operational Systems Health
Identity and Access Management (IAM)
Industrial IoT (IIoT) Device Security
Network Discovery, Monitoring and Threat Detection
Operational IT/OT Endpoint Security and Patch Management
Perimeter Security, Segmentation, and Zone Enforcement
Product, Software, and Supply Chain Security
Risk Management, Governance, and Compliance
Secure Remote Access
Social Engineering and Phishing Prevention

Industrial Cybersecurity Services

Assessments and Testing
Deployment, Implementation, and Managed Services
Incident Planning, Response, and Recovery
Program Development
Supply Chain and Product Security
Train and Educate



1898 & Co., a division of Burns & McDonnell

The 1898 & Co. Security & Risk Team is a diverse group of analysts, engineers, and consultants serving the industry for the last 25 years. Its team mostly consists of former asset owners serving the critical infrastructure industries they know best or former military veterans or reservists serving the altruistic mission of protecting what matters most.

1898 & Co. also helps the industry achieve risk management and resiliency using a three-pronged approach that balances system reliability, cyber risk management, and regulatory compliance. The team integrates consultants experienced in all three areas and is focused on improving the safety, security, and reliability of critical infrastructure. It delivers people, processes, and technology that enable risk and resiliency, preparedness, and situational awareness.

https://1898andco.com/
matt.morris@1898andco.com

Airbus Cybersecurity

Airbus OT security services help critical infrastructure providers to build and maintain persistent cyber resilience for interconnected industrial systems. The company follows a three-step approach for OT cybersecurity - Access, Protect, and Manage. Airbus OT services solution is modular in nature and can be integrated into existing security programs and ways of working.

OFFERINGS:
- Access: The service includes OT asset discovery and analysis, OT security maturity check, OT security pen-testing, and risk assessment.
- Protect: It includes services like OT policies and framework consulting, OT security design, integration, and training and awareness.
- Manage: These services include SOC, managed OT security infrastructure and cyber-on-demand.

https://airbus-cyber-security.com/

Advenica

Advenica helps operators within the critical infrastructure to protect what matters most. With its cybersecurity solutions, networks can be physically isolated while information can be exchanged securely. Its products are designed, developed, and manufactured in Sweden.

What are the security challenges?

- Do you need to integrate IT and OT systems?
- Are you dependent on remote access via RDP?
- Do you want to be able to transfer socially critical information from, for example, a SCADA system?

https://www.advenica.com/en
sales@advenica.com

Ampere Industrial Security

Ampere is an industrial security consulting firm based in Portland, Oregon, specializing in ICS and OT security. The company helps asset owners protect their critical industrial control technology. Its key differentiator is its vast understanding of the wide array of industrial cybersecurity standards, regulations, and best practices across all sectors and around the globe to help keep organizations ahead of their attackers - and auditors.

Primary consulting services are industrial cyber and physical security; regulatory and standards compliance; risk management; controls review, design, and testing; and supply chain security. Ampere secures the industrial world.

www.amperesec.com
contact@amperesec.com



SWOT24™, OT cybersecurity by ABS Group, provides a comprehensive portfolio of OT cybersecurity consulting, implementation, and risk management services. It helps organizations identify and mitigate critical cyber threats in real time.

SWOT24 works with a diverse range of clients in critical infrastructure industries globally to understand their unique OT cybersecurity risks and help them build industrial security solutions to reduce the likelihood of an attack. From the earliest concept and design phases to integrating a program into existing operations, SWOT24 helps organizations develop and implement the security solutions and controls needed to manage cyber risk.

Risk-based solutions for converging IT-OT systems: SWOT24 approaches industrial cybersecurity as a risk management function. Its risk-based solutions cover every stage of cyber defense for converging IT and OT systems. It offers industrial network security based on the client's specific needs and unique operating environment to support existing risk, reliability, and operational safety organizational strategies.

SERVICES:
- Cybersecurity managed services: Gain a comprehensive understanding of OT networks, including continuous monitoring for potential attacks.
- Industrial security operations center: SWOT24 oversees all activity 24/7/365 from its centralized ISOC with no interference to an organization’s operations.
- Supply chain cyber risk management: Manage the risks an organization inherits from its suppliers by controlling the exposure and detecting vulnerabilities.
- OT cybersecurity for new construction: Minimize threats and increase productivity by factoring cybersecurity into the initial design and planning stages of construction.
- Specialized cybersecurity consulting: Receive guidance for critical decision-making in OT environments, including insourcing, outsourcing, technology, vendors, and more.

www.abs-group.com/SWOT24
SWOT24@abs-group.com



Applied Risk

Applied Risk, a DNV company, is a trusted partner for industrial cyber security driven to safeguard the critical infrastructure our society depends on. Combining cyber security knowledge and experience in operational technology, Applied Risk provides tailored solutions that assist asset owners, system integrators and suppliers to develop, deploy and maintain cyber-resilient operations. Based in The Netherlands, Applied Risk operates on a global scale, helping protect industries such as oil and gas, power, water management, pharmaceuticals, healthcare, manufacturing, maritime and transport.

www.applied-risk.com
sales@applied-risk.com

Armis provides an agentless, enterprise-class security platform that addresses the extended attack surface that connected assets create. The platform discovers and analyzes all managed, unmanaged, and IoT devices.

The Armis Asset Intelligence & Security Platform offers insights into all connected assets, wired and wireless, within and surrounding OT networks. Armis discovers, classifies, and profiles, offering rich contextual insights into every asset, including SCADA, PLCs, DCS, IIoT, IoT, IoMT, and IT, and the interconnected support devices that keep facilities operational.

Armis interoperates seamlessly with the existing tech toolset to immediately focus attention on critical events and prevent their expansion, mitigate their effects, and resolve them quickly. By monitoring all assets and their transactions and dependencies, Armis delivers true insights into the cyber asset attack surface found within the entire enterprise.

Paired with Armis Asset Vulnerability Management, Armis goes beyond simple vulnerability scanning and addresses the full cyber risk management lifecycle of OT assets, including mapping risk to business criticality, prioritizing assets needing immediate attention, orchestrating remediation, and tracking processes and workflows through to remediation.

Armis has two FedRAMP authorizations, Moderate and Impact Level 4 (IL4), and aligns with the following industry standards: ISO 27001, ISO 28018 Best Practices, and SOC 2 Type II certifications.

Armis is deployed at thousands of sites worldwide. It is a privately held company and is headquartered in California.

OFFERINGS:
- Cyber Asset Attack Surface Management (CAASM)
- Network Segmentation
- OT Security
- OT Asset Management
- Building Management System
- ICS Risk Assessment
- Medical Device Security
- Threat Detection and Response

http://www.armis.com
info@armis.com

BAE Systems

BAE Systems is an OT security service provider. Its services include assessing, designing and managing cybersecurity offerings for complex and mission-critical assets. As a global manufacturer and systems-integrator, BAE brings rich experience in this segment, coupled with the latest industrial cybersecurity knowledge and products, and uses its expertise to help customers successfully secure their operational infrastructure.

BAE has a team of dedicated industrial cybersecurity experts with professional engineering pedigree and experience. Its offerings are compliant with CPNI and IEC62443 cybersecurity standards.

OFFERINGS:
Services include security advisory, security diagnostic, risk assessment, security strategy, security architecture, security framework, network segmentation, network monitoring, security testing, security assurance, security training, and security cases.

https://www.baesystems.com/



AuthUSB is a global manufacturer focused on the development of proprietary solutions in the field of OT, critical infrastructures, and defense cybersecurity, for specific attack surfaces, even in disconnected or isolated environments.

OFFERINGS:
- SafeDoor Solution: The SafeDoor solution integrates hardware with embedded software that provides total security, protection, detection, and immediate remediation for the three attack vectors (hardware, electric, and software) that USB devices may contain. An external and uncontrolled USB device (and occasionally, an internal one) is never reliable and must never enter the organization.
- SafeDoor performs a dynamic and ongoing analysis at a hardware and electrical level until the USB device is extracted. SafeDoor also scans the contents of USB devices in real time with a full antivirus engine embedded in them. The solution also offers a management console that allows traceability and management of all the USB devices, contents, and users in real time and also prevents information leakages because those privileges are granted only by the administrator user. All events, at all levels, are recorded to enable audit reports.
- SafeDoor has been deployed in various OT and IT environments offering global, effective, and certified protection.

https://www.authusb.net
info@authusb.com



Beacon Security

Beacon Security is a ‘boutique’ services company based in India that focuses on OT cybersecurity. As a vendor-agnostic solution service provider, Beacon Security works with companies across industries, from renewable energy to chemical manufacturing. Its practitioners have experience across the OT and cybersecurity domain, from ICS implementation to cybersecurity product development to cybersecurity leadership at Fortune 100 organizations.

Beacon Security also has an in-house OT cybersecurity SOC to augment an organization’s cybersecurity staff with a capable operations team.

www.beaconsecurity.io
contact@beaconsecurity.io

Booz Allen Hamilton combines industry knowledge and experience with people and technologies to reduce risk, improve safety, and increase business profitability. Its Operational Technology (OT) security offering is called SAF-ICS, which is developed in partnership with Splunk. SAF-ICS is a pragmatic OT risk assessment lifecycle used by Booz Allen Hamilton to prioritize and mitigate risks in industrial cybersecurity environments.

With a unique perspective born from supporting OT offerings across markets, Booz Allen Hamilton provides a hands-on, mission-focused approach to OT security, with a cutting-edge approach enabling broad visibility and secure OT.

Services include:
- Cyber Risk: Its cyber threat-centric approach helps to quickly identify and prioritize cyber vulnerabilities to implement a resilient defense. Managing cyber risk thresholds promotes improved organizational readiness.
- Cyber Architecture and Engineering: The company helps clients to deploy the best hardware and software offerings to meet the evolving cyber threat landscape while remaining aligned with their cyber strategy and operations plan.
- Cyber Defense Operations: Advanced cyber defense empowers users to become more proactive through threat-informed decision making.
- Cyber-Enabled Platforms: Booz Allen Hamilton assesses and hardens system security at the intersection of cyber and physical platforms. It empowers industrial companies to anticipate and respond to today’s cyber challenges. From strategy and design to implementation and operations, the company enables users to keep their energy company secure.

www.boozallen.com

Byos Inc

Adding cybersecurity to operational technology tends to disrupt operations. Traditional IT approaches for securing your OT environment don’t work the way you do. So processes tend to complicate the way things get done, like securing legacy equipment, enabling external vendor access, retooling a production line, or just conducting day-to-day operations. Until now. Byos is designed to enable digital transformation without hindering progress.

www.byos.io
engage@byos.io



Check Point Software Technologies, Ltd.

Check Point delivers cybersecurity solutions, including network security, endpoint security, cloud security, mobile security, data security, and security management.

OFFERINGS:
- Quantum protects enterprise networks from sophisticated cyber-attacks with the highest caliber of security, real-time prevention, and high-performing security gateways.
- CloudGuard secures the cloud with a unified cloud-native security platform, automating security posture at scale, preventing advanced threats, while also giving visibility and control over any workload across any cloud.
- Harmony protects remote users’ devices and access from any cyber threat.
- Infinity Vision ensures complete breach prevention and manages the entire security estate with a unified policy, from a single point.

https://www.checkpoint.com/
Sales@checkpoint.com

Capgemini offers its clients a range of services designed to protect business-critical systems, such as industrial control systems (ICS), Supervisory Control and Data Acquisition (SCADA), and embedded systems. Its cybersecurity offerings include industrial system security assessment that helps critical system operators defend themselves against sabotage and blackmail attacks; digital manufacturing securing products and industrial systems; and energy IoT that protects smart and connected assets.

The company’s capability for protecting industrial and embedded systems is supported by R&D teams working on offerings adapted to an industrial context. It has been securing industrial systems of major industrial operators and manufacturers for many years, and demands a high level of system security. For example, Capgemini helped a global industry leader in the utilities sector define the security protections and deploy them on all their industrial sites. The plan included raising awareness on security amongst employees.

Services include:
- Industrial System Security Assessment: Helps critical system operators defend themselves against sabotage and blackmail attacks.
- Digital Manufacturing: Focuses on improving the digital maturity of core manufacturing functions across product and asset lifecycle management, onsite and remote operations management, industrial IoT and big data, system simulation, and industrial cybersecurity.
- Energy IoT: Allows businesses to deploy offerings to meet the broadest range of use cases through intelligent edge technologies, open machine-to-machine communications capabilities, and big data analytics.

https://www.capgemini.com/services/cybersecurity/

Claroty

Claroty empowers organizations to secure cyber-physical systems across industrial, healthcare, and commercial environments: the Extended Internet of Things (XIoT). The company’s unified platform integrates with customers’ existing infrastructure to provide comprehensive controls for visibility, risk and vulnerability management, threat detection, and secure remote access. Backed by investment firms and industrial automation vendors, Claroty's solutions are deployed at thousands of sites globally.

https://claroty.com/
kelly.f@claroty.com



Cisco’s comprehensive cybersecurity solutions, industrial networking portfolio, and expertise with OT requirements are a rare combination in the ICS security market.

OFFERINGS:
- Cisco Cyber Vision gives asset owners complete visibility into connected devices and their OT security posture. Embedded into industrial network equipment, it enables deployment of OT security at scale without additional hardware or SPAN collection networks.
- Cisco Identity Service Engine (ISE): Network Access Controller (NAC) enabling a dynamic and automated approach to policy enforcement. It leverages asset profiles and groups from Cyber Vision to automate OT network segmentation.
- Cisco Secure Equipment Access: Cloud-based remote access service that leverages Cisco’s industrial network equipment to provide secure remote access capabilities to named OT assets using RDP, SSH, HTTP/S, VNC, or any TCP/UDP application. All within a single set of security controls.
- Cisco Secure Firewall: Threat-focused firewall to build IDMZ and isolate specific network segments. It can enforce filtering policies based on Cyber Vision asset profiles and security events.
- Cisco Secure Endpoint: Advanced malware protection for industrial workstations, servers, laptops, and tablets.
- Cisco Secure Network Analytics: Network Traffic Security Analysis (NTA) and Network Detection and Response (NDR) solution using network telemetry to detect advanced threats.
- Cisco XDR: Extended Detection and Response (XDR) platform aggregating threat intelligence and data from multiple security technologies (Cisco and others) into one unified view to streamline investigations and offer case management and custom playbooks for remediation.
- Cisco Talos: The company’s threat intelligence team is the official developer of Snort signatures powering all intrusion detection solutions. Talos also provides proactive services to strengthen security posture and test capabilities. It can be engaged within hours to help respond and recover from a breach.

www.cisco.com/go/IoTsecurity
AskIoT@cisco.com



Cloud Range

Cloud Range offers a comprehensive cyber preparedness solution and cyber range-as-a-service. Used by enterprise SOC and incident response teams in every industry, Cloud Range enables organizations to accelerate real-world experience for cybersecurity teams, significantly reducing cyber risk.

The full-service cyber simulation training and assessment platform includes:
- Customizable, cloud-based cyber ranges
- Live-fire cyber attack simulations for teams - Red, Blue, and Purple Team and CTF exercises
- Over 1,500 individual skill development labs
- Advanced tabletop exercises
- Hiring assessments
- IT and OT environments
- Reporting and analysis

www.cloudrangecyber.com
callen@cloudrangecyber.com

Cybersplice

Cybersplice's core mission is to prevent death and destruction caused by cyber-physical attacks.

OFFERINGS:
- Splicecloud provides rapid security visibility for OT networks through zero-touch, virtual, or deep probes. Metadata and AI switch the lights on to track nodes, behaviors, outliers, and anomalies.
- Splice in-path shields vulnerable OT equipment inside an encrypted overlay network, disrupting the kill chain for would-be attackers, extending visibility with logical isolation, secure identity management, and secure remote access.
- Splice-net builds a dedicated encrypted overlay network on top of existing hostile carrier infrastructure, connecting untrusted segments securely into the control center.

https://cybersplice.com
splice@cybersplice.com

Cybellum

Cybellum is where teams do product security. Automotive manufacturers such as Supermicro, PTC, LG, and Jaguar Land Rover use Cybellum's Product Security Platform to execute and manage various aspects of their cybersecurity operations across teams, product lines, and business units. From SBOM to vulnerability management, compliance validation, and incident response, teams ensure their connected products are fundamentally secure and compliant – and stay that way.

www.cybellum.com
annette@cybellum.com

Cybolt Secure Solutions

With a highly-competent roster of practitioners, Cybolt provides a host of managed cybersecurity and risk management services specifically tooled to the needs of each of its clients and the critical infrastructures they support. By selling and supporting both the tools and services, Cybolt addresses a comprehensive suite of needs that help gain better visibility, identify and reduce risk, and to reach and maintain compliance to mitigate exposure to untoward threat actors.

www.cybolt.com
contacto@cybolt.com



Cylus

Cylus provides rail operators with a specialized cybersecurity solution to ensure service availability and safety. Combining deep rail and cybersecurity expertise, Cylus has pioneered a platform for real-time asset visibility and threat detection across heterogeneous rail operating technology environments. With customers across the globe, Cylus leads with a comprehensive cybersecurity solution enabling compliance and reducing risks in the face of escalating cyber threats.

https://www.cylus.com/
info@cylus.com

Cynerio

Cynerio develops a platform that enables healthcare providers to secure patient data and connected medical devices from cyber threats. In addition, the platform provides device behavior learning with medical workflow analysis to provide complete visibility into what machines are doing on the network and the associated risk.

OFFERINGS:
Cynerio Healthcare IoT Platform provides healthcare facilities with a comprehensive suite of solutions that caters to every IT need, from healthcare-safe zero trust cybersecurity to asset and risk management.

The platform covers every connected asset, whether it's medical/IoMT, enterprise IoT, or an OT system - and every threat vector, equipping hospitals with the tools, insights, and controls needed to get cyber-secure fast and stay secure.

https://www.cynerio.com/
info@cynerio.co

Cynalytica

Cynalytica develops sensor and software machine learning analytics platforms that provide fully passive, fail-safe monitoring and analysis of physical communications in industrial control systems (ICS/SCADA), giving control system operators the ability to securely provide visibility and unique situational awareness to high-risk, high-impact cyber-physical assets, such as energy systems, water/wastewater treatment facilities, manufacturing, nuclear power, defense systems, and building facilities.

https://www.cynalytica.com
richard@cynalytica.com

Defentos

Defentos is an OT and IT cybersecurity partner that provides support in all cybersecurity challenges. The company provides security advice, testing, and awareness training covering organization, process, people and network, systems, applications, and data. Defentos believes in having strong knowledge of regulations and standards and how to be compliant with them. It stands by its customers that need support in solving complex security challenges.

https://defentos.nl/
info@defentos.com



Cyolo is setting a new standard for secure remote access. Founded by a former manufacturing industry CISO and two ethical hackers, Cyolo was created to solve the challenge of securely connecting high-risk users, including remote workers and third-party contractors, to mission-critical applications within every kind of environment.

OFFERINGS:
- The Cyolo zero-trust access solution can be deployed on-premises, on IaaS platforms, or in a hybrid model in which customers utilize the Cyolo cloud to route TLS requests. Cyolo enables secure access and connectivity even when deployed deep within ISA95 and ISA99 zones and other air-gapped topologies, completely isolated from the internet. In addition, the majority of Cyolo’s value can be achieved without installing an endpoint agent.
- Cyolo gives organizations confidence that third-party contractors and vendors are securely accessing critical applications and devices such as HMIs, PLCs, and SCADA, while still supporting RDP, SSH, VNC, and web applications with ease. To further ensure that only verified users can connect to critical systems, Cyolo layers modern multi-factor authentication (MFA) and single sign-on (SSO) capabilities to legacy and custom-built systems that do not natively support these protocols.
- Beyond enabling secure access to all environments, Cyolo also empowers organizations to take back control of their data and resources. Unlike other vendors, who rely on a shared infrastructure model that immediately violates the principle of zero trust, Cyolo is built on a trustless architecture that stores all customer data securely within the organization's trusted perimeter and never in the Cyolo cloud. This architecture adheres to ISA95, ISA99, and NERC guidelines. All users – internal and external – can connect without an agent to all company resources, with continuous identity authentication and supervisory controls, such as session recording, in place.

https://cyolo.io
contact@cyolo.io



Denexus

DeNexus Inc. is the global leader of second-generation cyber risk quantification and management to large industrial facilities, OT service providers, and the cyber risk transfer market.

Our flagship platform, DeRISK, is the world’s first evidence-based, data-driven, real-time, cloud-based technology that helps gain visibility into a large OT facility's actual asset exposure using data from INSIDE the client's OT network. This critical Inside Data enables detailed, bottom-up, portfolio-level cyber risk modeling.

DeRISK delivers the most accurate and credible Industrial OT Cyber Risk Exposure, Probability of Loss, Financial Impact of Cyber Events, and the ROI-based Mitigation Options to reduce cyber risk over time.

https://www.denexus.io/
info@denexus.io

Deloitte's cyber-physical systems (CPS) security solutions encompass an expansive offering of operational technology (OT), Internet of Things (IoT), and product cybersecurity services that, together with its globally recognized experience, offer industry-specific solutions tailored to meet specific business needs.

Benefits include:
- Reduced risk of security incidents that could impact health, safety, or the environment; business interruption; and data loss.
- Improved compliance with regulations and standards requiring cyber risk measures and mitigation.
- Improved visibility into business assets, their location and security posture, and the software components that make them up.
- Increased perception as a market leader in meeting customer demands via early action and preparedness against emerging threats.

Cybersecurity goes way beyond IT

It ripples through an organization’s operations, from the products they develop and manufacture, to the services they provide. With cyberattacks against smart buildings, industrial control systems, and medical devices on the rise, advanced security for OT cybersecurity, IoT security, and other cyber-physical systems is essential. Whatever the organizational challenges, Deloitte can confidently help achieve CPS, IoT, and OT security objectives. The company puts its experience, alliances, and tailored approach to work across industries.

The Deloitte difference

Deloitte helps organizations achieve an enhanced security posture and why, wherever they are in their journey. It has the experience, knowledge, and tools to help move the organization forward.

https://www2.deloitte.com
CyberIoTandOT@deloitte.com

DiTech Solutions

DiTech Solutions offers cybersecurity and security awareness training to students and professionals. It provides current students, professionals, and cybersecurity teams the opportunity to learn various cyber-attack methodologies and defense tactics by training on some of the best hyper-realistic Cyber Ranges, including application and software Cyber Range. The company uses real-world threats on various cloud-based cyber simulators, including on-premise cyber ranges from global partners.

The Cyber Ranges and security training courses provide students and professionals with the opportunity to train using top cybersecurity tools, identify various attack types, practice incident response techniques, and mitigation strategies, building on their knowledge and skills.

https://ditechsolutions.com
cphillip@ditechsolutions.com



Dragos

Dragos caters to the needs of the ICS and IIoT cybersecurity community by applying expert human intelligence and threat behavior analytics to redefine industrial cybersecurity.

The Dragos Platform delivers enhanced visibility of an organization’s ICS/OT assets and communications. It rapidly pinpoints threats through intelligence-driven analytics, identifies and prioritizes vulnerabilities, and provides practitioner-focused response playbooks. Codified with the expertise of the largest, most experienced team of ICS/OT security practitioners, Dragos ensures its customers are armed with the most up-to-date technology and intelligence to combat sophisticated industrial adversaries.

In addition to the Dragos Platform, Dragos solutions include OT Watch, a managed threat hunting service; Dragos Worldview, an OT-specific threat intelligence service; and Neighborhood Keeper, a free, opt-in collective defense solution for Dragos Platform customers.

www.dragos.com
info@dragos.com

DTS Solution (HawkEye)

HawkEye, powered by DTS Solution, offers managed cyber security operations centers (CSOC) and XDR to help organizations stay ahead of the evolving cyber threat landscape. It continuously monitors digital assets whilst detecting and protecting them from threat actors.

OFFERINGS:
- HawkEye offering for ICS/OT: HawkEye managed CSOC and XDR powered by DTS Solution provides monitoring services either in real-time, scheduled frequencies, or on-demand, to help organizations understand the cybersecurity risks within their ICS/OT environment.
- HawkEye offers managed cybersecurity services for organizations that operate ICS/OT environments in various operating models, including secure remote monitoring service and scheduled managed cybersecurity services (subscription).

https://www.hawk-eye.io/
info@dts-solution.com

DriveLock

DriveLock SE is an international specialist for cloud-based endpoint and data security with offices and representations in Germany, Australia, Singapore, the Middle East, and the USA. In the digital transformation era, the success of businesses depends on how reliably people, businesses, and services are protected against cyberattacks and the loss of valuable data.

Founded in Munich, Germany in 1999, DriveLock's mission is to protect company data, devices, and systems. To achieve this, DriveLock utilizes the latest technologies, experienced security experts, and solutions based on the zero trust model. In today's security architectures, zero trust means a paradigm shift according to the maxim "Never trust, always verify". This way, data can even be reliably protected in modern business models.

https://www.drivelock.com
briantuck@drivelock.com

DNV

DNV is an independent assurance and risk management provider, operating in more than 100 countries, with the purpose of safeguarding life, property, and the environment. As a trusted voice for many of the world’s most successful organisations, we help seize opportunities and tackle the risks arising from global transformations. We use our broad experience and deep expertise to advance safety and sustainable performance, set industry standards, and inspire and invent solutions.

https://www.dnv.com/cybersecurity
cybersecurity@dnv.com



Exalens

Exalens delivers a cybersecurity solution for smart manufacturers facing threats to their connected physical operations. The platform autonomously detects and classifies the source of abnormal behavior across IT, OT, and IoT cyber-physical processes. Its AI engine informs users whether a cyber attack, system fault, or machine failure is affecting operations and how to best respond.

Exalens’ solution learns an organization’s discrete processes, spots the root cause of incidents, then alerts IT and OT teams in seconds. No added infrastructure is required for implementation, and it helps reduce MTTR, maximize production, and build resilience with the Exalens cyber-physical detection and response platform.

www.exalens.com
team@exalens.com

Fend

Fend data diodes physically block ICS cyberattacks while securely allowing operational real-time data monitoring for analytics, modelling & predictive maintenance. Fend safely connects legacy and new IIoT devices with enterprise networks or to the cloud while physically blocking remote cyber threat vectors.

OFFERINGS:
• Data Diodes: Fend provides affordable, US-made data diodes that protect enterprise, utilities, and critical infrastructure operators by physically segmenting IT/OT networks (with optical isolation). Fend’s products are made in the USA and tested by multiple US government agencies, including US Army, US Navy, USACE & GSA.
• Fend Cloud Service enables customers to safely utilize the cloud via API while defending against remote access vulnerabilities.

https://www.fend.tech/
info@fend.tech

Fortinet is a driving force in the evolution of cybersecurity and the convergence of networking and security, with a mission to secure people, devices, and data everywhere. It provides cybersecurity everywhere needed with the largest integrated portfolio of over 50 enterprise-grade products.

SERVICES:
• FortiOS, Fortinet’s security operating system, expands the Fortinet Security Fabric’s ability to consolidate multiple security point products across an ever-expanding attack surface, helping customers reduce and manage the attack surface, prevent advanced threats, and reduce complexity.
• FortiGate next-generation firewalls are powered by purpose-built security processing units (SPUs). They enable security-driven networking and are ideal network firewalls for hybrid and hyper-scale data centers. Options include industrially hardened appliances providing network connectivity and securing critical industrial and control networks.
• Secure Remote Access: Remote access VPN with multi-factor authentication (MFA), traffic inspection, and application control to protect the organizations’ remotely accessed digital assets.
• Security Operations: Fortinet Security Operations solutions deliver advanced threat intelligence to detect, prevent, and respond to sophisticated malware. It also helps achieve compliance and improve overall security awareness.
• Network Operations: Fortinet’s solution implements a security strategy that prioritizes automation-driven network operations to help prevent network breaches and provides an integrated security architecture to unify siloed environments.
• Industrial Security Services provide the capability to detect and protect against network-level threats while enabling extensive visibility into industrial applications used in ICS environments.
• Fortinet Training Institute is dedicated to making cybersecurity training and new career opportunities available to everyone.
• FortiGuard Labs, Fortinet’s threat intelligence and research organization, develops and utilizes machine learning and AI technologies to provide customers with timely protection and actionable threat intelligence.

www.fortinet.com/OT
OT@fortinet.com



Framatome Cybersecurity, a solutions line of Framatome, a global leader in the nuclear industry, offers solutions to protect IT and OT systems in critical sectors like energy, defense, transportation, and public administration. With over 600 customers trusting Framatome Cybersecurity, its commitment is to strengthen resilience against cyber risks while meeting sovereignty requirements.

OFFERINGS:
• Cybersecurity maintenance solutions deliver end-to-end industrial vulnerability and remediation solutions, safeguarding IT and OT environments. The company provides vulnerability management through its Cyberwatch product, offering continuous monitoring and prioritization of vulnerabilities.
• FoxGuard Solutions' Patch Availability Reporting (PAR), Patch Binary Acquisition (PBA), and Sentrigard simplify and automate remediation, streamlining enterprise asset lists and ensuring security compliance.
• Framatome's cybersecurity services include risk assessment, penetration testing, and system hardening. Its risk analysis and treatment plans are based on international standards, while penetration testing simulates cyberattacks and Framatome validation platform simulates industrial networks to identify weaknesses and implement countermeasures. System hardening reduces attack surfaces by eliminating potential attack vectors and ensuring the security of the organizational infrastructure.
• TAG4TRUST solution detects and manages physical intrusions on I&C systems, ensuring the integrity of I&C equipment. With traceability for I&C systems and components, TAG4TRUST helps plant operators detect unauthorized access attempts and maintain secure operations.

Framatome Cybersecurity protects global operations and enhances an organization's resilience against potential cyber threats with its balanced and comprehensive solutions.

https://framatomecybersecurity.com/
cyber-services@framatome.com

Garland Technology

Garland Technology is a USA-based manufacturer of network TAPs, network packet brokers, and inline bypass solutions. Since 2011, Garland has been helping companies’ OT network monitoring and security sensors deliver on their promise of performance and protection because Garland reliably delivers all of the data the sensors require.

Garland Technology understands that industrial and manufacturing OT networks are unique environments, with demanding and exacting requirements. Garland engineers hardware that operates in a variety of conditions like extreme temperatures, vibration, DC power, tight spaces, 100 Base-FX media, and unidirectional traffic flow with physical hardware separation inside the network TAPs.

https://www.garlandtechnology.com/
sales@garlandtechnology.com

Forescout Technologies

Leveraging Forescout’s integrated IT/OT platform, network operators can gain complete visibility and classification of all devices in ICS networks and mitigate cyber and operational risk with comprehensive vulnerability and threat detection. In addition, they save time and money with policies for automating security controls across IT and OT networks.

OFFERINGS:
• Continuous OT/ICS device discovery, classification, risk assessment, and compliance monitoring.
• In-depth visibility of all IP-connected devices across campus, data center, and cloud networks.
• Enforcement and automated policy-based controls to proactively reduce the attack surface and rapidly respond to incidents.
• Dynamic network segmentation across the extended enterprise.

https://www.forescout.com/
sales@forescout.com

GE Digital offers industrial managed security services for OpShield, designed for operational technology (OT) environments. GE Managed security services allow organizations to support and protect their critical processes and control strategy, while providing visibility and insight for broad situational awareness.

With OpShield deployed in Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA), and other OT environments, features such as network segmentation, deep protocol inspection, and network whitelisting capabilities inform GE Digital security analysts, either with alerts or block commands.

Services include:
• Advisory Services: GE helps organizations plan and start their industrial IoT journey to align with specific business outcomes.
• Managed Services: This includes maintenance of critical machines from remote locations around the world using model-based predictive analytic technology.
• Implementation Services: GE's automation partners can implement a collaborative, multi-generational program that marries (integrates) the existing investments to the right enhancements and technology.
• Education Services: GE specializes in education services to ensure that the customers are leveraging GE's offerings to the fullest extent with training and certificate programs.
• GlobalCare Support Services: This enables users by ensuring that their business continues to operate at its highest efficiency.
• Cyber Security Services: GE provides industrial-grade security for a variety of OT network and application topologies.

www.ge.com



Hexagon Asset Lifecycle Intelligence

PAS, part of Hexagon, delivers software solutions that prevent, detect and remediate cyber threats. It also reduces process safety risks, optimizes profitability, and enables trusted data for decision-making.

OFFERINGS:
The OT / ICS Cyber Integrity identifies configuration changes against established baselines, provides continuous vulnerability management with patch level assessments, and identifies cybersecurity risks to both IT and OT/ICS endpoints.

Automation Asset Management: PAS Integrity aggregates, organizes and contextualizes highly complex data from disparate, proprietary industrial automation systems to help plant personnel maximize productivity, ensure reliability, and proactively identify and address potential safety incidents.

https://pas.com/products-and-services/ot-ics-cyber-security

HP Wolf

HP Wolf’s endpoint/privileged access security products provide full-stack zero trust hardware-enforced protection to prevent compromising of IT / OT systems and remote (third-party) critical admin sessions. Mitigation of emerging cyber threats ensures the availability and (technical) integrity of OT systems.

OFFERINGS:
• Sure Access Enterprise protects privileged (remote) user/admin activity (e.g. to HMI systems) by isolating critical activity from threats like keyloggers, clipboard capture, malware, or compromises.
• Sure Click Enterprise uses hardware-enforced micro-virtualization technology to isolate malware, phishing, or ransomware attacks in IT/OT systems, preventing infection and spreading. It has protected over 25 billion user actions (clicks) without a reported compromise.

https://www.hp.com
pelle.aardewerk@hp.com

Honeywell

Honeywell provides IT/OT cybersecurity solutions that help protect critical infrastructure and IIoT technologies worldwide. Solutions are vendor-neutral, supporting both Honeywell and non-Honeywell assets and deliver an integrated solution to operational technology (OT) cybersecurity.

OFFERINGS:
• Honeywell Forge Cybersecurity Suite helps to simplify, scale, and strengthen OT cybersecurity at a single site or across an enterprise. It comes with passive and active methods built for industrial operations.
• Honeywell’s highly skilled OT cybersecurity consultants can provide services to support the cybersecurity lifecycle from start to finish, from risk assessments to remediation to incident response. The company’s portfolio includes cybersecurity software, managed security services, industrial security consulting, and integrated security solutions.

www.becybersecure.com

ICS Range

ICS Range is an educational platform, with real-life industrial equipment - built to further train and educate all employees, who daily work with OT systems, including IACS, ICS, and SCADA. They range from basic introduction level to expert level education and enable better, faster, and more efficient learning across the OT industrial security (OT/ICS/IACS) infrastructure.

www.icsrange.com
info@icsrange.com



IBM Security offers end-to-end threat management for OT, IoT, and Internet-of-Medical-Things (IoMT) environments. It offers a portfolio of Operational Technology (OT) security offerings that help industrial, asset-intensive environments monitor and secure networks, protect endpoints and deliver industrial cybersecurity services.

Platform capabilities:
• OT security strategy, risk and compliance: Clients can evaluate existing security governance against business requirements, including PCI, security, identity and IT regulatory compliance.
• Assessment: IBM can help clients understand risks, gaps and vulnerabilities using a phased approach. It includes engaging in strategy and planning, OT security risk, compliance and vulnerability assessments, and developing governance policies and requirements.
• IBM QRadar: This helps clients gain actionable insights, identify the top threats and reduce the total alert volume. The IBM QRadar Security Intelligence Platform offers automated analytics for detection and investigation and search-based threat hunting tools designed to analyze and sort through a range of logs, events, and network flows.
• X-Force Red ICS testing: Clients can build and test industrial control system attack scenarios to disrupt the attack chain.
• IBM X-Force Exchange is a cloud-based threat intelligence sharing platform enabling users to rapidly research the latest security threats, aggregate actionable intelligence, and collaborate with peers.
• OT Managed Security Services: IBM can also help clients manage alerts and reduce false positives with OT Managed Security Services, develop OT security incident response plan and playbooks, and leverage security analytics.

https://www.ibm.com
info@ibm.com

Israel Electric Corporation, Cyber Development

With 100 years of experience, the Israel Electric Corporation (IEC) is Israel's primary electricity provider, responsible for all aspects of the electricity system, generation, transmission, distribution, and supply. Operating as an energy island in challenging geopolitical conditions, and with its renowned operational and design experience, and the Israeli innovative mindset, IEC assists power utilities worldwide in meeting the evolving requirements of the ‘utility of the future.’ The company’s understanding of cyber security has led to the development of ‘cutting-edge, battle-proven’ solutions for utility cyber security.

https://sophic-cyber.com/
iecmarketing@iec.co.il

KPMG International

KPMG’s cybersecurity team works with organizations to prevent, detect, and respond to cyber threats. The company provides users with its expertise in Operational Technology (OT) using capabilities in strategy and governance, security transformation, cyber defense, and digital response services.

OFFERINGS:
• Assessing risks and capabilities: Adopt established methodologies, international standards, and experience.
• Improving Governance: Helps bridge the gap between OT and IT teams, and reduce uncertainty over responsibilities.
• Building Assurance: From point-in-time Industrial Control Systems (ICS)-specialized security testing to creating ICS-inclusive internal audit programs, and governance, risk and controls (GRC) integration.
• Delivering Transformation: KPMG brings specialized knowledge, sound program, and project management practices.

https://home.kpmg/



Industrial Defender delivers the OT asset data needed to protect industrial operations. The Massachusetts, USA-headquartered company, established in 2006, is trusted by industrial organizations and critical infrastructure operators around the world.

Industrial Defender provides deeper-level asset data, vital endpoint information, historical context, and change detection for addressing cyber risks across the OT environment. Industrial organizations leverage Industrial Defender’s platform as a single source of truth for all operational asset information, enabling them to achieve key goals in OT asset management, change and configuration management, vulnerability management, and policy compliance.

Industrial Defender serves customers globally across all OT-intensive sectors, including manufacturers, power utilities, oil and gas, and other critical infrastructure operators. Building upon a strong heritage of NERC CIP compliance solutions, Industrial Defender’s expanded set of OT data capabilities supports the safety, availability, and security of critical operations.

Platform capabilities:
• OT Asset Management: Inventory and manage all OT hardware and software detail
• Configuration Management: Ensure secure configuration; detect changes from known good baseline
• Vulnerability Management: Assess vulnerabilities and manage patching and mitigation effort
• Compliance Management: Automated reporting for assessing against frameworks and auditing

https://www.industrialdefender.com/
info@industrialdefender.com



Lansweeper

Lansweeper helps organizations minimize risks and optimize their IT by providing actionable insight into the entire technology estate.
• Eliminate the blind spots and discover hardware and software assets the organization didn't even know about.
• Auto-populate the CMDB, enrich service desk tickets, and track the asset's lifecycle to make time for what the organization does best.
• Detect rogue devices, vulnerabilities, and non-compliance issues before they become a problem.
• Reveal needless expenses, support budgeting decisions, and manage the IT cost-effectively with accurate data.

https://lansweeper.com
bert.de.mol@lansweeper.com

Maxwell Automation

Maxwell is an emerging process automation solution vendor delivering cost-effective process control and automation solutions that help ensure reliability, excellence, customer satisfaction, and safety. It enables customers across the world to maximize value from their industrial assets and facilities by providing automation and intelligence solutions.

OFFERINGS:
• Field instrumentation solutions for process industry
• PLC, DCS, and SCADA solutions
• Engineering consultancy regarding automation solutions
• Instrumentation and power cables
• Site services (installation, testing, and commissioning)

https://maxwell-automation.com/
usman.younis@maxwell-automation.com

Mandiant

Mandiant works on making every organization secure from cyber threats and confident in its readiness. It delivers dynamic cyber defense solutions by combining services and products powered by the company’s expertise, intelligence, and technology.

OFFERINGS:
• A variety of services focused on ICS and OT with three key areas - consultation and assessment, intelligence, and managed detection and response. The company’s experts have worked in almost every industry utilizing ICS and understand the nuances and context each different field requires.
• Mandiant leverages the company’s intelligence to inform its services of the latest attacker methods and techniques, and uses its experience in ICS/OT incident response to further enrich the intelligence.

https://www.mandiant.com
robert.caldwell@mandiant.com

Mocana

Mocana helps device operators bridge the adoption challenge between vendors and service providers and enables digital transformation. The company protects content delivery supply chain and device lifecycle for tamper-resistance from manufacture to end of life, with root-of-trust and chain-of-trust anchors.

OFFERINGS:
• The Mocana TrustCenter operations platform provides a tamper-resistant and scalable workflow for transferring ownership and lifecycle management.
• Mocana TrustEdge is a comprehensive software solution for IoT device protection.
• The Mocana TrustCore development platform empowers application developers with a simple set of APIs to leverage data privacy and protection controls for safety, security, and compliance.

https://www.mocana.com/
sales@mocana.com



Nozomi Networks offers OT and IoT cybersecurity solutions that reduce operational risk while automating, simplifying, and accelerating remediation. Their solutions deliver exceptional network and asset visibility, threat detection, and AI-powered insights for OT and IoT environments. Critical infrastructure, industrial, and government organizations worldwide rely on Nozomi Networks to minimize risk and complexity while maximizing operational resilience.

OFFERINGS:
• Nozomi Networks’ platform is designed for scalability and centralized management. It uses AI and ML to provide deep insights and root cause analysis to quickly detect and prioritize vulnerabilities, threats and process anomalies in real-time.
• Vantage: The Vantage SaaS solution scales security monitoring and visibility for large multi-site enterprises while offering the cost benefits and flexibility of a cloud-hosted solution. It unifies visibility, threat detection, and security monitoring for an unlimited number of nodes and systems for high-volume traffic.
• Guardian: Guardian sensors collect and analyze operational data on-premises, including visibility for OT and IoT networks and assets. They detect cyber threats and vulnerabilities, providing situational awareness that is critical for ensuring security, compliance, and operational continuity.
• Arc: The Nozomi Arc endpoint sensor is an EDR solution that provides more detailed asset visibility and continuously monitors individual host attack surfaces and traffic. Arc makes it possible to identify hosts compromised with malware, rogue applications, unauthorized USB devices, and suspicious user activity.
• Vantage IQ: Vantage IQ provides AI-assisted data analysis that helps security teams reduce cyber risk and speed response. It replicates the domain expertise of seasoned security analysts and automates time-consuming tasks associated with reviewing, correlating, and prioritizing network, asset, and alert data.

www.nozominetworks.com
jil.backstrom@nozominetworks.com

Mycena Limited

MyCena is an access segmentation and encryption management solution that makes digital access unbreakable. It removes over 82 percent of data breaches by eliminating the human risk around access. MyCena is system agnostic and works for IT, OT, IoT, local, web, and remote access, including RDP (remote desktop protocol) and SSH (Secure Shell).

www.mycena.co
info@mycena.co

NTT

NTT’s Intelligent Cybersecurity services help clients create a digital business that is "Secured by Design." With enhanced threat intelligence, NTT can predict, detect and respond to cyber threats while supporting business innovation and managing risk.

OFFERINGS:
• Cybersecurity Advisory Services: NTT has a dedicated team of OT cybersecurity consultants globally.
• IT-OT Threat Monitoring & Response: This is a 24x7 SOC-delivered service that monitors and responds to IT and OT network threats.
• IT-OT Managed Security Services: 24x7 SOC-delivered service that covers a client’s end-to-end cybersecurity operation.
• Global Technology Services: Delivered by NTT’s technical experts, the services deliver in-depth design workshops, supply industry best-of-breed technology, and deploy solutions globally.

https://services.global.ntt
sales@global.ntt

Nanolock Security

NanoLock Security provides device-level zero-trust OT cybersecurity solutions to critical infrastructure customers, food and beverage, utilities, industrial, and manufacturing companies. Its solutions are shifting the paradigm from post-incident detection to device-level prevention and protection. NanoLock protects multi-vendor, new, and legacy ICS against outsiders, insiders, supply chain cyber threats, and even human errors.

Trusted by large global industrial, manufacturing, and utilities companies, NanoLock’s OT Defender solution ensures that every access, change request, or update attempt through a PLC (programmable logic controller) is always authenticated and authorized while ensuring compliance with international security standards and guidelines.

www.nanolocksecurity.com
info@nanolocksec.com

Ondeso GmbH

Ondeso develops software specifically in the fields of industry 4.0 and digitalization and supports IT operating management and security in production. Plant operators from various industries, and machine and plant manufacturers have been relying for years on Ondeso products, which can be used across industries and over the range of production systems and processes. Ondeso manages the lifecycle of industry PCs and offers custom-fitted products on the highest technological and conceptual level, fully made in Germany.

The Ondeso SR software offers asset management, patch management, software deployment, endpoint management, disaster recovery, outage tracking, and network management.

www.ondeso.com/en
info@ondeso.com



OPSWAT

OPSWAT delivers IT and OT/ICS critical infrastructure protection cybersecurity solutions and deep content disarm and reconstruction (CDR), protecting over 1,500 organizations from malware and zero-day attacks.

OPSWAT solutions safeguard public and private sector organizations with the latest technology, processes, and hardware scanning to secure the transfer of data, files, and device access across critical networks; ensure compliance with policies and regulations; and protect their reputation, finances, employees, and customers from cyber-driven disruption.

www.opswat.com
sales-inquiry@opswat.com

Ordr

Ordr provides complete visibility and security over every connected device - from traditional IT devices to IoT, IoMT (Internet of Medical Things) and OT.

Ordr provides one common platform for security, networking, and device owners that enables a complete IoT device security lifecycle — from discovery and profiling of devices and risks to the automated response. It also offers role-based access controls and custom views for every stakeholder.

OFFERINGS:
The Ordr Systems Control Engine (SCE) uses deep packet inspection and advanced machine learning to discover every device, profile its risk and behavior, map all communications and protect it with automated policies.

https://ordr.net/
info@ordr.net

Opswright

Opswright is passionate about injecting security into the engineering domain to achieve secure by design and by default for critical infrastructure. By leveraging Opswright Impact software platform, the company embeds the principles of Cyber Informed Engineering into the engineering process, empowering any engineer to design safe and secure systems for critical infrastructure.

Opswright’s software supports the needs of engineering firms and asset owners. It is also aligned with industry guidance, such as the Security Engineering Maturity Matrix, IEC 62443, and others. Founded in Space Coast Florida, all development is U.S.-based and aligned to NIST 800-218 practices for secure development.

https://opswright.com
sales@opswright.com

OTORIO

OTORIO offers an industrial-native OT security platform enabling integrated, holistic security strategies for ICS and cyber-physical systems (CPS). Its proactive digital risk mitigation solutions are deployed at enterprises worldwide to protect business continuity and ongoing operations.

OTORIO’s recently patented Operational Network Risk Mitigation System empowers practitioners to proactively implement a risk-informed approach to assessment, management, and mitigation. The company provides automated, consolidated, and contextualized visibility, allowing companies to take control of their security posture, eliminate critical risks, and deliver immediate business value across the organization. The global team behind OTORIO consists of experts in nation-state cyber security and industrial domains.

www.otorio.com
marketing@otorio.com



PwC
PwC can help an industrial organization in various ways, such as through
strategy and governance, security architecture, security implementation,
threat and vulnerability management, risk and compliance, incident
management, managed services, and IAM security.

OFFERINGS:
• ICS risk assessments: The assessment covers system records and
activities to determine the adequacy of system controls;
• ICS vulnerability assessment/penetration testing: This evaluation
includes capabilities to test ICS network from the internet, test ICS network
from IT, and test selected offline ICS systems for vulnerabilities;
• Compliance assistance: PwC can help industries in adapting to
international and country-specific security standards;
• Security operations center (SOC): PwC also provides SOC services to set
up a combined ICS-IT environment.

www.pwc.com

Rhebo
Rhebo delivers offerings that help with the cybersecurity and operational
stability of the ICS and IoT infrastructure in energy, industrial, and water
companies. Using its industrial network monitoring solution with anomaly
detection and its services, the Leipzig, Germany-based company can
monitor all communication within the ICS and reliably report any attacks,
vulnerabilities, and technical error states.

Rhebo directly supports operators of ICS to increase cybersecurity,
productivity, and availability of their systems and plants and safeguard the
digital transformation of their processes.

https://rhebo.com/en/
info@rhebo.com

Radiflow
Radiflow offers ICS solutions for critical business operations. Its solutions
enable CISOs to continuously monitor and simulate attacks without disrupting
critical industrial operations.

The company is on a mission to take the guesswork out of OT security and
empower customers to prioritize their threats with risk management solutions.
Radiflow assists CISOs in making decisions and taking action driven by data. It
views all assets using a detailed presentation map of the entire OT network,
down-drillable to all devices' properties, connections, and vulnerabilities.

https://radiflow.com/
sales@radiflow.com

SCADAfence
SCADAfence helps companies with OT networks reduce cyber risks and
mitigate operational threats. Its non-intrusive platform provides full
coverage of large-scale networks, offering detection, accuracy, asset
discovery, and user experience.

The company integrates OT security within existing security operations,
bridging the IT/OT convergence gap.

OFFERINGS:
• SCADAfence Platform: A continuous OT network monitoring platform that
provides visibility, risk management, threat detection, and OT remote
access security.
• SCADAfence Multisite Portal: An MSP-ready management SOC for multiple
sites with secure, central configuration management.
• SCADAfence Governance Portal: Continuously monitors remote sites for
adherence to industry standards and organizational policies.

www.scadafence.com
marketing@scadafence.com



Rockwell provides industrial cybersecurity offerings with a comprehensive approach
beyond just network security, protecting the integrity and availability of complex
automation offerings. The industrial security services will help assess, implement, and
maintain Industrial Control System (ICS) security within operations, while enabling
transformational technologies that rely on enterprise connectivity.

Services include:

Security Assessments:
The first step clients need to take to manage their security posture is to assess the
current state of their environment. It is impossible to become completely risk free, but
Rockwell will help establish a tolerable level of risk for operating environments. This
includes understanding security posture within clients’ software, networks, control
system, policies and procedures, and employee behaviors.

Protect Against Threats
After evaluating current security state and identifying risks, it is time to safeguard
operations against a vast landscape of threats. The company’s industrial security
services team can help develop and implement an industrial cybersecurity offering
to help protect ICS using a defense in depth (DiD) security approach.

Continuous Threat detection:
Rockwell’s threat detection services can help monitor and detect these increasingly
complex industrial threats.

Develop a Response Action Plan and Get Back to Production
If a security event occurs, it is critical to immediately respond and address the
threat(s). Building on the expertise of its industrial security services team in networks
and security, Rockwell will help develop an action plan that uses proven methods to
contain the incident and minimize damage.

www.rockwellautomation.com

Schneider Electric
SE provides offerings that support the need for industrial cybersecurity
protection across various business types and industries. It offers an end-to-end
solution that includes cybersecurity consulting, design and
implementation, security-specific maintenance, and cybersecurity training.

OFFERINGS:
• Cybersecurity Consulting: SE’s assessment and analysis services help an
organization identify the gaps between where they are now and worry-free
protection;
• Design and Implementation: Offers multiple security layers to safeguard
SE control, safety, and SCADA systems, which helps enable defense-in-depth
(DiD) for both legacy and new systems;
• Security-specific Maintenance: An annual maintenance service that
ensures that the client's cybersecurity protection is always current and
updated;
• Cybersecurity training: Provides comprehensive industrial cybersecurity
training.

www.se.com

Secolve
Secolve is an OT specialist cybersecurity firm. The company specializes in OT
offensive and defensive security, OT risk and advisory, and OT security
awareness training through the company’s video-based platform OT-SAT. The
platform covers a comprehensive suite of OT cybersecurity awareness
training video modules. This allows team members to watch the videos and
complete the training at their own pace, whilst allowing managers to track
each individual’s progression of the training.

Secolve also recognizes that every organization’s cyber maturity is different
and requires a tailored and strategic response that meets short and long-term
needs.

www.secolve.com
info@secolve.com



Secret Double Octopus
IT leaders are realizing their MFA programs underway are not good enough to
stop the phishing threat. The Octopus passwordless MFA removes the
vulnerable password from the workforce user's login with a phishing-resistant
MFA workflow, so IT slashes the attack surface by stopping the attacker's
ability to exploit passwords and phishing users. The other important part of
Octopus passwordless MFA is that it works with existing password directories.
So users and IT get all the benefits of passwordless MFA but without the
added cost, risks, and delays of recoding apps and rearchitecting the identity
infrastructure.

www.doubleoctopus.com
don.shin@doubleoctopus.com,
Melissa.Howell@doubleoctopus.com

Securing Things
Securing Things brings over 22 years of professional IT and OT cybersecurity
industry experience with clients globally. The company is on a mission to help
organizations secure their digital transformation journey for a ‘smart and
safer society.’

OFFERINGS:
IT/ICS/IIOT Cybersecurity Advisory & Consulting Services
• vCISO/fractional CISO
• Strategy/program/policy
• Assessments/reviews
• Security awareness/training
• Vulnerability discovery and pen-testing
• Security solutions (OT anomaly detection tools)

https://securingthings.com
info@securingthings.com

SRA’s Cyber-Physical Systems security practice provides advisory architecture,
engineering, and operations support throughout your OT/IoT/IoMT/IIoT/Robotics
security programs. We work collaboratively with you to execute Cyber Physical
Systems security programs and initiatives using our industry experience, cross-vertical
best practices and technical subject matter expertise. Our team of
specialized practitioners brings industry leading strategy, assessment, enablement of
trusted technology solutions and 24x7 MSSP capabilities.

OFFERINGS:
• Testing and Purple Teams: Penetration testing, hardware assessments, and a
collaborative, programmatic approach to measuring and increasing security
visibility in alignment with MITRE ATT&CK for ICS;
• Risk Assessment: ISA/IEC 62243 and NIST-based security risk assessments for sites
and global entities;
• Strategy and Framework: Defense-in-depth strategy and architecture to address
the unique security risks of CPS assets and environments with ISA/IEC 62443 and
NIST inputs;
• Controls and Solution Enablement: Development of vendor-agnostic security
controls and deployment of industry-leading visibility, secure remote access,
network isolation, access management, removable media protection, and SBOM
solutions;
• 24x7 OT/IoT Security Monitoring & Response: Monitoring and response with a turnkey
analytics ecosystem that can intake industry-leading, OT/IoT security solution
data.

https://sra.io
info@sra.io



SecurityGate is the ultimate solution for risk managers and executives looking to
assess, improve, and document risks. Our platform, developed by critical
infrastructure experts, provides a user-friendly dashboard and practical data
workflows for seamless collaboration between security leaders and cyber teams.
Enhance your cyber-programs more effectively by understanding where your risks
are and knowing what to do about them with insights from the SecurityGate Platform.
Join the largest critical infrastructure organizations and consulting firms around the
globe by trusting SecurityGate for all your risk assessment needs.

OFFERINGS:
• Connect C-Suite and cyber leaders at all levels globally: Communicate real-time
metrics to senior leadership with a bird’s eye view of your industrial ecosystem. Or
dig into the details and view maturity or compliance by site, function, and
geography;
• Choose a framework or build your own: Quickly get started by choosing from over
20 industry frameworks (including NIST-CSF, ISA/IEC 62443-3-2, and C2M2),
uploading your own, or mixing and matching over 4,000 control questions from our
library to address your unique business needs;
• Drive action with visual dashboard & reports: Automated control mapping across
threats, risks, control families, and impact levels will arm you with the insights you
need to create an effective roadmap for improvement;
• Enable collaboration across teams: You’re in command of data collection, review,
and approval. Assign tasks to team members or third-party vendors and centrally
manage feedback to quickly remediate issues;
• Manage improvement at scale: Assign and monitor remediations within the
SecurityGate Platform or tap into the open API to easily integrate data from
partners like DarkTrace, Nozomi and Tenable.

https://securitygate.io/
info@securitygate.io

Siemens Critical Infrastructure Defense Center (CIDC) is a customer-facing
cybersecurity competency established to assist critical infrastructure industries to
improve and mature their cybersecurity program and resiliency to cyber-attacks. Its
team of cyber experts will support Canada's cyber and physical security needs and
projects in the US, Europe, and the Middle East while delivering a holistic approach to
cybersecurity and covering the entire security lifecycle.

OFFERINGS:
• Cybersecurity Assessments: A variety of cybersecurity assessments to help
organizations understand their cybersecurity programs relative to baselines and
different frameworks such as ISA/IEC 62443, NIST CSF, and NIST SP 800-82;
• Security Strategy and Roadmap Development: Develop a future-proof multi-year
security strategy and an implementation roadmap as the output of cybersecurity
assessments;
• Program Management: Provide comprehensive, integrated program
management of security strategy, project and risk management, and security
services planning;
• Critical Infrastructure Security Operations Center (SOC): The Critical
infrastructure SOC monitors and protects the OT network and infrastructure of
critical infrastructure and large manufacturing. It delivers automated real-time
monitoring of core OT and related IT security events, along with automated
detection of security outliers by observing deviations from known good baseline.
The SOC also provides 24/7 security monitoring, security event triage, analysis,
alerting, and incident response support;
• The company’s services range from advisory, managed security, and research
services, with the singular mission to secure customers’ OT infrastructure. Its
managed security services consist of services that enable customers to detect,
prevent, respond and recover from cybersecurity threats.

www.siemens.ca/cidc
cidc.ca@siemens.com

Sepio Systems
Sepio Systems empowers organizations to create and enforce device policies
and block unapproved and rogue hardware. First, the company calculates a
digital fingerprint from the electrical characteristics of the device. Then, it
compares it with known fingerprints, automatically providing information on
the vendor name and product name, using physical layer fingerprinting
technology and machine learning.

OFFERINGS:
The Sepio HAC-1 platform provides visibility, control, and mitigation to zero-trust,
insider threat, bring-your-own-device (BYOD), IT, OT, and IoT security
programs. Its hardware fingerprinting technology discovers all managed,
unmanaged, and hidden devices otherwise invisible to all other security tools.

https://sepio.systems/

SynSaber
SynSaber’s lightweight, software-based ‘Saber’ sensors help gain visibility into
east-west traffic at the OT edge. These Sabers deploy on just about anything
with a minimum of 2 cores and 2 GB of RAM, so they can be used on existing
hardware or run in virtualized or containerized environments.

SynSaber’s integration-first approach means that once Sabers are deployed,
organizations can send curated data from the edge of the OT environment
into any existing SIEM, SOAR, data lake, or MSSP workflows. Data from the
Sabers can be used to improve not just security, but safety, operations, and
compliance. Its ultra-small software packs a big punch.

https://synsaber.com/
info@synsaber.com

SIS Industrial Cyber Security
SIS is fully dedicated to industrial cyber security, with a focus on safeguarding
the critical infrastructure and essential services on which all depend. SIS
comprises a team of industrial cybersecurity specialists focused on OT,
including ICS and SCADA. The focus helps bring ‘unrivaled’ field experience
and keeps the company in front of current and developing cyber threats.

SIS is also one of the initial companies in the world with a fully dedicated OT
security operations center. Its managed services are a cost-effective
outsourced arrangement that delivers managed OT security with real-time
monitoring, analytics, reporting, and rapid incident response.

https://sis-ics.com/
info@sis-ics.com

Tempered Networks
Tempered offers secure connectivity for vital infrastructure, industrial control
systems, and the industrial Internet of Things (IIoT). Tempered Networks’
solutions are used by a range of sectors, including water, energy, petroleum,
manufacturing, and other industries.

OFFERINGS:
The Airwall solution delivers network segmentation and secure remote
access. Airwall is a zero-trust software-defined perimeter that provides multi-factor
authentication, comes micro-segmented, encrypted end-to-end, and
is impervious to lateral movement.

Airwall Teams allows users to build truly private system-to-system networks
that span public, private, cloud, and mobile networks, with just a few clicks
using an intuitive graphical interface.

http://tempered.io
info@tempered.io



TXOne Networks works on maintaining the reliability, availability, and safety of OT
environments by integrating with existing business processes to deliver exceptional
security without interrupting operations. TXOne leverages its deep domain knowledge
and strong industry partnerships to understand the nuances of OT/ICS devices.

Working directly with semiconductor fabricators and device manufacturers, TXOne’s
solutions operate as integrated parts of OT environments. Founded with OT priorities
in mind, TXOne functions as a business outcome enabler with solutions that
streamline regulatory compliance tasks, remove legacy software risks, reinforce
operational stability, and protect systems from interference and security incidents.
This positions TXOne as a valuable partner in optimizing OT business process.
OFFERINGS:
• Network Defense: TXOne Networks – Edge introduces stability and resilience across
OT networks. Identity-based zero-trust access controls regulate traffic and
operational commands sent between devices. Industry-informed protocol
analysis techniques apply prevention, detection, and remediation functions to
reduce the impacts of incidents and promote operational stability;
• Endpoint Protection: TXOne Networks – Stellar integrates with individual devices,
becoming a native extension to their base functionalities. With its performance
and accuracy that comes from working so closely with OEMs, Stellar defends
modern and legacy devices by actively preventing unauthorized changes to
baseline operations at an application and process level without interrupting
normal operations;
• Security Inspection: TXOne Networks delivers a portable, software-free security
capability that both ops and security teams can use. Integrating with existing
procedures, the device in the form of a USB can inspect new equipment before
moving it to production, perform regular audit and inventory management
functions, and provide advanced security for out-of-band and isolated devices.
https://www.txone.com/
info@txone.com



Thales Group
Thales offers a comprehensive, long-term approach that helps operators
implement the security policies they need to protect critical information
systems.

OFFERINGS:
• CERT: To anticipate detection of cyberthreats, Thales offers tailored
intelligence on vulnerabilities, threats and attacks of common hardware
and software components.
• Consulting: Thales provides cyber consulting to critical infrastructures in
order to address the challenges of regulatory compliance, implementation
of security from design, risk assessment and penetration testing.
• Rapid Response Team: Thales has a rapid response team with on-site
intervention capacity, made up of multi-disciplinary specialists.
• SOC: Thales’ security experts ensure security information and event
management flow in real-time from its CSOCs located around the world.

www.thalesgroup.com

ThreatGEN
ThreatGEN is a game-based cybersecurity simulation platform that combines
the power of an actual computer gaming engine and active adversary
simulation AI to provide the most practical and effective way for anyone to
learn cybersecurity, from beginners to experts, and even leadership. The
ThreatGEN Red vs. Blue portal is web browser delivered and provides access
to the cybersecurity simulation platform, on-demand courses, labs, and
scenarios.

https://threatgen.com
sales@threatgen.com

Whether an organization has existing technology in place or needs to reassess and
upgrade, Velta Technology partners with solution providers in the industrial space.
The company helps integrate digital safety solutions, expertise, and tools, with the
current environment and existing technologies. It also understands the differences
between industrial and IT infrastructures, and the toolsets required to secure them.

Velta Technology helps bridge the gap in expertise and understanding from industrial
assets on the plant floor across to the enterprise. The company provides mitigating
and compensating controls for digital safety and supports organizations with
industrial IoT and OT/IT convergence. It also helps protect the industrial environment
with its team of multi-disciplinary industrial manufacturing and critical infrastructure
experts.

OFFERINGS:
• Tabletop Exercise – They help facilitate important OT/IT discussions to strengthen
internal communication and security ownership across industrial assets and
operations;
• CDV Index – Measure real-time risks and vulnerabilities of all connected devices
within an industrial facility over time to accurately gauge risk and potentially
defend insurance rates or claims;
• Visibility Study Program – A three-week program to identify the top vulnerabilities
unique to one’s industrial environment;
• OT Monitoring Optimization – For organizations who’ve deployed a monitoring
platform and are experiencing challenges optimizing the value and benefits of
your investment. Velta Technology serves as an extension of the in-house team
offering hands-on expertise, knowledge, and best practices;
• Secure Remote Access (with Audit Trail) For Industrial Environments – Minimize risk
of remote users and the industrial environment;
• Industrial Endpoint Protection – Secure existing industrial networks with an
impenetrable barrier;
• SenseR Ready Panel Program – Build and install industrial panels Digital Safety
Ready with the latest cybersecurity technology. Eliminate expensive retrofit costs
down the road.

www.veltatech.com
info@veltatech.com



Tripwire
Tripwire protects organizations from damaging cyberattacks, keeping pace
with changing technology complexities to defend against ever-evolving
threats. In addition, the company helps organizations build solid foundations
for security, compliance and operational excellence.

OFFERINGS:
• Tripwire Enterprise is a security configuration management (SCM) suite
that provides fully integrated solutions for policy, file integrity, and
remediation management;
• Tripwire Industrial Visibility provides ICS operators with total clarity into
the devices and activity on their network. It uses deep packet inspection,
change management, event logging, and threat detection to help keep
sensitive assets out of the reach of intruders.

https://www.tripwire.com/

Verve Industrial
Verve’s principles are based on the premise that ICS/OT security and reliability
require technology and talent to achieve effective OT systems management.

OFFERINGS:
• The Verve Security Center is a vendor-agnostic OT endpoint management
platform that provides IT-OT asset inventory, vulnerability management,
and the ability to remediate threats and vulnerabilities from its
orchestration platform;
• It offers the Endpoint Protection Platform for OT/ICS cybersecurity
environments. The company also combines the platform with ICS/OT
engineers who provide turnkey support and partner with organizations in
the OT/ICS security journey;
• The Verve Industrial Design-4-Defense professional services support
clients in ensuring their OT environments are designed and operated
securely.

www.verveindustrial.com

Veracity Industrial Networks
Veracity Industrial Networks delivers a resilient and secure approach to OT
network management. Optimized for the OT environment, the solution
centrally manages the network following explicit rules which create visibility
and inherent security for all endpoints that are communicating while
drastically simplifying network management.

OFFERINGS:
• The Veracity OT Network Controller uses automated network segmentation
with self-healing capabilities to manage cyber risk;
• Veracity leverages SDN functionality to protect east/west and north/south
traffic, while delivering enhanced resiliency by eliminating firewall
configuration issues, loopbacks, and manual IP address updates.

https://veracity.io/
sales@veracity.io

Wipro
Wipro recognizes that OT security is the key enabler to enterprise adoption of
Industry 4.0. The company’s approach is to blend its technical engineering
heritage with a new business-focused consulting approach to deliver
successful transformation and business continuity.

The recent attacks on the OT networks have alerted business stakeholders to
the potential impact of cybersecurity incidents on reputation and revenue.
Governments are enforcing regulatory compliances making it mandatory for
companies to report breaches to the authorities. As a result, OT cybersecurity
is transitioning away from siloed engineering supervision to management by
IT and OT teams’ collaboration.

www.wipro.com



"A software company providing cybersecurity solutions, WALLIX is the European
specialist in digital Identity and Access Security Solutions. WALLIX's technologies
enable companies to respond to today's data protection challenges. They guarantee
detection of and resilience to cyberattacks, which enables business continuity. They
also ensure compliance with regulatory requirements regarding access to IT
infrastructures and critical data. WALLIX has a strong distribution network of more
than 300 resellers and integrators worldwide. Listed on the Euronext (ALLIX), WALLIX
supports more than 2000 organizations in securing their digital transformation.
OFFERINGS:
• OT.security by WALLIX is a brand dedicated to the security of digital access and
identities in industrial environments;
• WALLIX affirms its digital responsibility and is committed to contributing to the
construction of a trusted European digital space, guaranteeing the security and
confidentiality of data for organizations as well as for individuals concerned about
the protection of their digital identity and privacy. Digital technology, whether for
professional or personal use, must be ethical and responsible in order to pursue a
secure societal digital transformation that respects individual freedoms."
https://www.ot.security/
marketing@wallix.com

Keeping you updated
It’s our mission to keep you informed of the rapidly changing
industrial cybersecurity landscape. Benefit from minimized
risk, maximized productivity, and optimized decision-making
with our valuable insights.
Our market research has earned a global reputation
for its precision, quality, and practicality.

Xage Security accelerates and simplifies the way enterprises secure, manage, and
transform digital operations across OT, IT, and the cloud. The Palo Alto, California-
based company provides a distributed platform for protecting cyber-physical
systems and offers a zero-trust solution for access control, remote access, and
secure data exchange.

The Xage Fabric solution protects every asset, modern or legacy, secures every
interaction, local or remote, and enables secure data exchange across OT, IT, and the
cloud. It also supports centralized management, including centralized security policy
creation combined with distributed policy enforcement in the field.
OFFERINGS:
• Identity and Access Management: Xage’s Identity-based Access Management
services are delivered either wholly on-site or via the cloud with additional on-site
enforcement. They cover a comprehensive array of IoT, SCADA, PLC, RTU, and HMI
systems together with the latest control and monitoring applications. Xage
provides user-to-machine/app and machine-to-machine access management
with no agents, clients, or network changes;
• Zero Trust Remote Access: Xage’s Remote Access solution enables granular secure
access to modern and legacy assets spanning OT, IT, data center, and cloud.
Xage’s multi-layer approach enables granular access to individual assets,
including PLCs/RTUs at the lower layers of the Purdue Model;
• Zero Trust Data Exchange: Xage’s Data Exchange enables end-to-end security
across the entire data ecosystem, from physical machines through edge analytics
to shared cloud-based data lakes. Xage Fabric enables data sharing and ensures
data authenticity, integrity, privacy, and access control;
• The company’s services range from zero trust strategy, architecture, and design
advisory to security implementation and maintenance assistance in operational
environments. Its strategic advisory services help customers map out a practical,
undisruptive path to zero trust security.
https://xage.com/
info@xage.com



Yokogawa
Yokogawa provides a centralized and standardized cybersecurity
management solution to clients. The offering reduces cost through simplified,
standardized, and more integrated security management, and is also
compliant with international industry standards such as IEC 62443.

Yokogawa ICS security services ensure plant safety and security by providing
a comprehensive program which focuses on cybersecurity lifecycle
management.

Yokogawa supports customers in addressing cyber risk challenges through a
Cybersecurity Lifecycle Management program focused on continuous
improvement and a sustainable ICS security risk management framework.

OFFERINGS:
• Cybersecurity Awareness Training
• Industrial Cyber Security Risk Assessment
• Cyber Security Policies and Procedures
• Operational Technology Architecture Design
• Plant Security Managed Services

www.yokogawa.com/cybersecurity

Zuul IoT
Zuul IoT is an end-to-end cybersecurity solution optimized for the unique
challenges of IIoT at scale. Zuul IoT’s patent-pending technology provides risk
and policy-driven protection, enforcement, and monitoring mechanisms
designed for the protection of critical IIoT and IoT assets sitting within critical
infrastructure environments.

Key features include the orchestration and integration of fundamental
cybersecurity technology to protect rather than simply monitor critical assets.

https://zuuliot.com/
john@zuuliot.com

ABOUT TAKEPOINT
Takepoint Research (TPR) is a boutique industry analyst firm that
provides focused research and actionable insight for industrial
enterprises and those tasked with protecting them from cyber
threats. TPR resources and analysis help them make informed
decisions about evolving their industrial cybersecurity programs to
meet the changing threat landscape. Collaboration is at the heart of
our model and our mission is simply to deliver expert insight that has
tangible value for your company.

ABOUT INDUSTRIAL CYBER
Industrial Cyber is a publication dedicated to providing news and
features on everything happening in Industrial Cybersecurity. It is a
valuable meeting place for Industrial Cybersecurity professionals
and cybersecurity experts, cybersecurity vendors and industry
influencers, who learn from one another and shape the future of this
dynamic and critically important market.
