GPA’s cybersecurity-trained control systems experts understand the unique requirements of Operational Technologies (OT) and the industrial environments in which they operate.
Our Expertise
Our Systems
The incorporation of a cybersecurity strategy is essential to modern business. While cybersecurity practices for Information Technology (IT) systems are highly established, cybersecurity practices for Operational Technology (OT) systems are developing and evolving. Protection for OT systems (machinery, process control systems, critical infrastructure) involves ensuring availability, whereas protection for IT involves protection of data. Therefore a unique complement of skills are required to design and implement OT cybersecurity.
GPA’s cybersecurity-trained, control systems experts understand the unique requirements of operational technologies and industrial environments where these physical processes operate. This deep understanding allows GPA engineers to design and implement practical security measures for a range of systems, including legacy equipment pre-dating modern cybersecurity capabilities. GPA’s expertise in operational technologies, provides insight and knowhow of the intricacies of OT components, protocols and industrial processes above and beyond the capabilities of typical IT cybersecurity professionals.
OT systems encompass a wide range of technologies including SCADA, PLCs, sensors, actuators and industrial networks. GPA engineers are adept across all OT technologies and make appropriate decisions for security measures (and countermeasures) to provide protection against cyber threats, reducing the overall threat surface and risk of attack.
GPA’s expertise stems from our vast experience in risk analysis and identification. We are experts in Functional Safety, with our suite of risk assessment services an integral part of the design and development of Industrial Automation and Control Systems (IACS). GPA’s trained cybersecurity practitioners apply a structured approach, as defined by IEC 62443, to cybersecurity risk assessment. This approach closely aligns with our proven methodology for Functional Safety assessments, providing confidence and assurance that cyber risks will be identified and managed.
GPA engineers provide total plant safety in the cyber-threat landscape by:
- Identification of potential cyber-threats
- Assessment of physical consequences on process control systems (shutdowns, outages, leakages, explosions, etc.)
- Inclusion of non-hackable countermeasures in the process design to increase safety and reduce risk
- Application of relevant control measures to secure physical and electronic processes through a defence in depth approach to system design
Furthermore, as a multidisciplinary consultancy, GPA’s widespread knowledge allows for the identification of cybersecurity risks to meet additional safety standards, including AS2024 (safety of machinery).
GPA’s control systems experts also understand the requirements for IT security policies, including the management of third-party access to systems and the integration of security controls across domains. This requires specialised expertise and collaboration with multiple stakeholders to align IT-OT requirements.
IACS OT environments require specialised knowledge, adaptation to legacy systems, and a holistic approach that considers physical consequences. Bridging the IT-OT cybersecurity gap remains an ongoing challenge in the ever-evolving landscape of industrial security. GPA professionals are well equipped to assist clients with meeting these challenges.