ITL-08 CONSULTING SERVICE
OT & IoT Security
An industrial environment is not an IT network with sensors: it is a system where a security failure becomes a production stoppage, physical damage, or risk to life — and where most IT controls simply cannot be applied.
The problem
IT/OT convergence connected to the corporate world equipment that was designed twenty years ago to operate in isolation: controllers that accept commands from any origin, industrial protocols with no authentication or encryption, downtime windows counted in hours per year, and the practical impossibility of installing agents or applying patches. The attacker who crosses the IT–OT boundary finds terrain without defenses — and the classic IT response (scan, patch, reboot) can take down the plant as fast as the attack itself.
How we work
ICS/SCADA security assessment
A structured assessment of the industrial environment aligned with the discipline's international references — ISA/IEC 62443 and NIST SP 800-82 — covering architecture, asset inventory through passive discovery (without touching the process), real communication flows between levels, and exposure of the IT–OT boundary. The result is the honest map of what is connected, talking to what, and where an attacker would get in.
Industrial protocol security
Analysis and monitoring of the protocols that actually command the process — Modbus, DNP3, IEC 60870-5-104, OPC UA, EtherNet/IP, and PROFINET — with passive deep packet inspection: detection of anomalous write commands, out-of-pattern setpoint changes, scans, and unauthorized nodes on the control network. Where the protocol offers no authentication or integrity (the rule, not the exception), we design the compensating controls.
Zero Trust OT as the isolation model
Practical application of the zero-trust model to the plant floor: segmentation into zones and conduits per IEC 62443 over the Purdue reference model; no direct route from the corporate network to the control level; vendor and maintainer remote access through a brokered point with least privilege, time limits, and session recording; explicit allow-lists of permitted communication between cells — everything else denied by default. The result: the compromise of a corporate workstation stops being the compromise of the plant.
Corporate and industrial IoT security
Governance of the connected devices multiplying under the radar (sensors, meters, cameras, building controllers): inventory and continuous discovery, replacement of default credentials, firmware management, segmentation into dedicated networks, and security criteria for acquiring new devices.
Incident response in industrial environments
Response plans that respect the real hierarchy of the OT environment: safety of people and of the physical process before digital containment, isolation decisions agreed with operations and engineering, and exercises conducted without risk to production.
Applied experience
Experience in environments where IT meets physical operations — energy, mining, offshore oil and gas logistics, and industrial plants — including control networks with maintenance windows counted in hours and equipment that cannot be touched in production.
Frequently asked questions
Can we scan the industrial network the way we scan the IT network?
No — and that is the discipline's first lesson. Industrial controllers can crash from a simple port scan, stopping the process. In OT, inventory and detection are done by passively listening to traffic (which reveals assets, protocols, and conversations without injecting a single packet); any active testing happens in a formal window, in a test environment, or with the equipment out of operation.
What does Zero Trust mean in OT, in practice?
It means abandoning the idea that "inside the plant, everything trusts everything". In practice: the network is divided into small zones with defined functions; every communication between zones passes through a controlled, inspected conduit; nobody — not even the equipment vendor — reaches the control level directly, only through a brokered point with individual credentials, least privilege, an expiration time, and session recording. The measurable effect is containing the incident in the zone where it was born.
Our industrial protocols have no authentication. Do we need to replace everything?
It is almost never feasible, and rarely the recommendation. Protocols like classic Modbus and DNP3 authenticate no one — but the risk is controlled in layers: network isolation that prevents unauthorized origins from reaching the controller, passive monitoring that detects anomalous commands, and gradual adoption of secure variants (such as OPC UA with signing and encryption, or DNP3 Secure Authentication) where the equipment and the project allow.
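The layered control this answer and the industrial protocol security item describe, as an added Python example that is not the page's own code: a passive monitor that parses captured Modbus/TCP request frames and flags write function codes from sources outside a per-zone write allow-list, plus setpoint writes outside engineering limits. The frames, IP addresses, register address and limits are all constructed for illustration.

```python
# Added example: passive Modbus/TCP write detection over captured frames.
# Nothing here sends traffic; it only inspects bytes already on the wire.
import struct

# Modbus function codes that change process state (the ones worth alerting on).
WRITE_FCS = {5: "Write Single Coil", 6: "Write Single Register",
             15: "Write Multiple Coils", 16: "Write Multiple Registers",
             23: "Read/Write Multiple Registers"}

# Assumed zone policy (constructed): which hosts may write to the controller,
# and the engineering range for a constructed setpoint holding register.
WRITE_ALLOWED = {"10.1.1.10"}       # the cell's HMI
SETPOINT_LIMITS = {0: (0, 500)}     # register address -> (min, max)

def parse_modbus_tcp(payload: bytes) -> dict:
    """Parse the 7-byte MBAP header and the function code of a request."""
    if len(payload) < 8:
        raise ValueError("too short for MBAP header plus function code")
    tid, pid, length, uid, fc = struct.unpack(">HHHBB", payload[:8])
    # Protocol id must be 0 and the length field must cover unit id + PDU.
    if pid != 0 or length != len(payload) - 6:
        raise ValueError("not a well-formed Modbus/TCP frame")
    frame = {"tid": tid, "unit": uid, "fc": fc}
    if fc in (5, 6):                # single-register/coil writes carry addr+value
        if len(payload) < 12:
            raise ValueError("truncated single-write request")
        frame["addr"], frame["value"] = struct.unpack(">HH", payload[8:12])
    return frame

def inspect(src_ip: str, payload: bytes) -> list:
    """Return alert strings for one captured request; an empty list if benign."""
    try:
        f = parse_modbus_tcp(payload)
    except ValueError as exc:
        return [f"{src_ip}: malformed frame ({exc})"]
    if f["fc"] not in WRITE_FCS:
        return []                   # reads are expected from many nodes
    alerts = []
    if src_ip not in WRITE_ALLOWED:
        alerts.append(f"{src_ip}: {WRITE_FCS[f['fc']]} from outside write allow-list")
    if f["fc"] == 6 and f["addr"] in SETPOINT_LIMITS:
        lo, hi = SETPOINT_LIMITS[f["addr"]]
        if not lo <= f["value"] <= hi:
            alerts.append(f"{src_ip}: setpoint reg {f['addr']}={f['value']} "
                          f"outside limits {lo}-{hi}")
    return alerts

# Constructed frames: FC6 write of 250 to reg 0, FC6 write of 9000 to reg 0,
# and an FC3 read of one register.
HMI_OK = bytes.fromhex("0001000000060106000000fa")
ROGUE = bytes.fromhex("000200000006010600002328")
READ = bytes.fromhex("000300000006010300000001")
```

Running inspect("10.20.5.7", ROGUE) yields two alerts (unauthorized source and out-of-range setpoint), while the same write from the HMI yields only the range alert.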
Need a conversation about OT & IoT Security?
Describe the scenario in two lines. We'll answer with an honest read — including if the answer is that you don't need us.