Verve’s strategic ICS cyber security advisory services offerings
OT/ICS Security Baseline Workshop
Whether your organization is just starting its cyber security journey, driving compliance to a NERC-CIP or other standard, or looking to create a comprehensive security roadmap, Verve is here to help. Verve’s Baseline Workshop is conducted by our security and compliance experts with the objective to whiteboard a broad strategic direction to improve security maturity and key requirements for success.
We start by conducting a round of interviews to gather core data about your current initiatives and security status. The workshop typically lasts 2-3 hours and is customized to your specific needs and situation. Schedule your workshop today.
A security assessment is only worthwhile if the organization takes action in a consistent manner to resolve the identified risks. Our advisory roadmapping service takes the vulnerability assessment performed by our team or another team leveraging the Verve Security Center and breaks down the series of prioritized action into a suggested timeline with budgets and resource requirements.
This builds on the consulting capabilities of our team to bridge the worlds of security and operations management to develop an achievable plan that satisfies IT, OT, and finance.
OT/ICS Security Policy & Procedure Development
OT/ICS systems require specific security policies and procedures given the unique architecture and operation of these environments. Our team has years of experience across different industry and organizational environments to provide a guiding hand in the development of specific OT/ICS security policies and procedures.
Key policies such as:
- Patch management
- Configuration management
- Incident response
- Change management
- User/access control
In some cases, we work with clients to adapt their IT policies to the unique OT/ICS environments. In others, we create policies from scratch, leveraging best practices from industry sources such as ISA, SANS, NIST, etc. Our team skillfully balances security and operations to develop practical solutions that can be adopted not just written down.