ICS cyber security
Though silent and often invisible, cybercrime is an exploding threat to industrial control systems (ICS) in a range of critical industries. Every business can expect to fall victim to cybercrime at some stage, and the financial or reputational issues arising from such events can be hugely damaging.
Our cyber security services help protect your assets
DNV GL is your independent advisor on cyber security for critical infrastructure in industries such as oil and gas, energy, maritime, health care, automotive, railway, insurance and more. Combining specialized operational technology (OT) expertise with deep industry knowledge, we provide support from assessment to process implementation, systems and product assurance, helping you to quantify and manage risk, achieve compliance and improve business performance.
- Gain valuable insights into your cyber security risk picture through our risk assessment, advisory and training services
- Identify data and information risk, leveraging our ontology and semantics experts
- Verify that processes, systems and products are secure and aligned to best practice by performing ICS penetration testing or through component/system certification
Cyber security OT
With the increasing convergence between IT and OT (operational technology), the OT domain is becoming more exposed to malicious attackers, and cyber security risks begin to impact safety and performance.
When implementing OT cyber security, it is vital to focus on the three pillars of cyber security: people, processes and technology. Reviewing processes, it is essential to identify where cyber risks are and to validate presence of the appropriate mitigation barriers. After having identified risks, the next step is technology. Verification of the protective barriers is necessary to ensure proper network segmentation. A penetration test will make sure assets have the appropriate security measures. Cyber security relies on people as well. Proper training, drills, phishing and awareness campaigns on a routine basis are essential.
DNV GL’s approach is founded on wide industrial expertise and experience with cyber security, industrial control systems and networks. DNV GL understands and applies the relevant best practices and standards, such as the ISO 27000, the NIST 800, and the IEC 62443 families of standards.
Your independent advisor on cyber security for critical infrastructure
- Bringing industry together to create best practice
- Specialized ICS cyber security competence for your industry
- Pragmatic solutions to target the largest risk reductions
Due to the increasing pressures from external and internal threats, organizations responsible for critical infrastructure need to have a consistent and iterative approach to identifying, assessing, and managing cybersecurity risk. This approach is necessary regardless of an organization’s size, threat exposure, or cybersecurity sophistication today.”