Secior assists critical infrastructure organizations with finding, fixing and managing digital risks. The services align seamlessly with the NIS2 Directive, which aims to improve the cyber resilience of critical infrastructure in Europe.
CYBER SECURITY SERVICES
CYBERSECURITY
Find - Fix - Manage
Digital Risk
FIND
Visibility plays a vital role in the cybersecurity of a data centre's operational technology (OT). Taking stock of which assets are present in the organization makes it a lot easier to protect the entire OT environment. "You can't protect what you don't see!"
Digital Health Check
With good visibility, digital vulnerabilities, insecure configurations and unwanted connections on the OT infrastructure can be more easily detected. The Digital Health Check provides insight into this digital resilience. Within a few days, we generate a report containing the required 'visbility' on the critical infrastructure. The report consists of an asset inventory, a network visualisation and a vulnerability overview.
FIX
The next step in our approach is to analyse the discovered vulnerabilities and the resulting risks. In this 'Fix phase', a risk assessment is conducted and a plan of action is developed based on the combination of an international standard (ISO) and a cybersecurity maturity model.
Risk Advisory Service
During the Risk Advisory phase, we analyse the results of the Secior Health Check and advise on mitigating the risks. In doing so, we design a cybersecurity roadmap. This roadmap includes advice on patch management, network segmentation, password policy and security monitoring.
MANAGED SERVICES
The entire portfolio is designed to keep the facility infrastructure of a vital organization secure. The services are offered in the form of a Service Level Agreement (SLA), with Secior matching its specialist knowledge to the needs of the customer; from occasional support to full offloading.
Overview Services
Threat Intelligence Team
Due to various international developments, the Netherlands appears to be a legitimate target for countries such as Russia and China. EU and NATO territorial security are also under threat.
With the Threat Intelligence Team, Secior gathers the most useful information on threats to the critical infrastructure The focus here is on the specific components used by our clients. Through regular cybersecurity roundtable discussions with a mix of engineers, ethical hackers and cybersecurity specialists, we discuss vulnerabilities and increasing cyber resilience.
Secior works with information from multiple sources;
- Open Source, reports from research institutions
- Reports from the industry
- Semi-closed sources, manufacturer information, Universities, industry organisations, NCSC
- Closed sources, cybersecurity researchers and companies, security services
The raw data collected by Secior is analysed and processed into relevant threat information that is further enriched with and best practices, tactical and technical information
Relevant alerts on malware and actors are usually shared within hours of discovery.
Cybersecurity Awareness Training
Operational technology is an increasingly important target for cyber attacks. Not only is the risk increasing, cyber attacks are also more sophisticated and complex.
You can secure the OT environment as well as you can technically. Security stands or falls with the employees. They need to be aware of the importance of cybersecurity.
Increasing employees' knowledge is an essential cybersecurity measure. Employees must learn to recognize and report cybersecurity attacks.
The awareness training provides insight into the specific threats and vulnerabilities of the organization's facility infrastructure and offers practical knowledge on different cyber threats, modus operandi and countermeasures to help employees prevent cyber attacks.
The training comprises practical examples and recommendations for setting up and implementing a sound and well-functioning cybersecurity environment, based on the ISA/IEC 62443 guideline for industrial control systems. The training is periodically enriched with the latest insights.
Pen-testing as a Service
Upon request, Secior can perform an automated pen test. A pen test provides an organization real-time insight into the vulnerabilities found on a particular system or functionality.
Incident Response Plan (IRP) Validatie
This service involves Secior analysing the existing Incident Response Plan (IRP) and also virtual testing. The findings of this validation are then discussed in detail with the management, who may then take action to tighten up this plan.
Supply Chain Management
Cyber security risks can be transmitted through the supply chain. Secior's Supplier Risk Service focuses on the risk mitigation of these supply chains.
Managed SOC
Through its Managed SOC service, Secior can monitor an organization's OT/IoT/IT infrastructure 24/7 for digital risks. If a deviation from a normal pattern is detected by the SOC staff, the organization will be notified immediately so that a potential digital risk can be prevented.
Cybersecurity at every desired level
Secior 'CSO-as-a-Service'
Most critical infrastructure organizations do not have their own Chief Security Officer (CSO) who is responsible for all IT, OT and IoT components within the organization and oversees the risks holistically. With the new NIS2 Directive, several organizations are designated as critical infrastructure and must meet strict security requirements. All ISO certifications and the highest Tier classification cannot prevent a small digital vulnerability from leading to complete failure, major damage and loss of reputation. Secior provides assurance and expertise to bring and keep an organization's cyber resilience to the desired level. The matrix below provides insight into the various options available based on a monthly fee available from €475.
DATACENTER CYBERSECURITY
How can we help?
Every data centre cybersecurity question deserves a tailor-made answer and solution. Our team understands the challenge and helps improve digital resilience and maintain uptime.