Full initial IT and OT Audit
  • IT Audit based on CMMM and OT Audit based on DNV / BV
  • Cybersecurity audit report with initial state
  • Implementation of cybersecurity management tools
Implementation of measures to reach cybersecurity hygiene
  • Update of practices: configuration, network segmentation ..
  • Update of processes: access management, incident management, etc.
  • Cyber Awareness of personnel on board and ashore
Risk assessment on IT and OT perimeters
  • Risk assessment on IT and OT perforemd with management
  • Creation of a risk monitoring table to be integrated into the company's cyber policy
  • Participation of all company stakeholders in the analysis workshop
Gap assessment to reach DNV GL or BV cyber secure certification
  • Gap assessment of practices for each OT supplier
  • Compliance plan according to the final objective chosen
  • Deployment of identified solutions to strengthen cybersecurity

Initial Audit

An initial audit as a starting point.

The audit allows us to document the initial state of cybersecurity and set up cybersecurity management tools which will trace the upgrading and deployment of a security strategy. Find here the details of our audit strategy.

IT and OT fast upgrade

The first step is to catch up and quickly increase cybersecurity to the level of basic cyber hygiene.

The cyber security of IT and OT is managed differently: IT cybersecurity is implemented directly, while OT cybersecurity is implemented with OT solution providers. Upgrading IT cyber security to the basic cyber hygiene level can close the most obvious vulnerabilities quickly. On the OT perimeter, it consists of collecting information to build the OT cybersecurity management tool.

Risk assessment performed with management

A risk assessment allows to identify the residual risks after a basic cybersecurity upgrade.

Risk assessment carried out with management lays the foundations for the company's future cybersecurity policy. This work covers the IT and OT perimeters and takes place in the form of a workshop where a list of concrete cases are reviewed and their impact / probability / severity are questioned to define their priority.

Gap assessment with DNV / BV cyber secure norms

The gap assessment allows to plan the evolution of cybersecurity.

The gap assessment follows the risk analysis and creates the corrective action plan to be applied. It proposes measures to be deployed directly for the IT perimeter and to be implemented on the OT perimeter by the suppliers. This gap assessment is the measure of the gap with the company's cybersecurity objective and is matched with the DNV and BV standards.