Conducting a cyber security audit on an operation technology (OT) environment for critical infrastructure typically requires a combination of technical and analytical skills. Some key skills that may be required include:
1. Knowledge of industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems, as well as the protocols and communication methods used in these systems.
2. Understanding of the specific industry or sector in which the critical infrastructure operates, as well as the specific regulations and compliance requirements that apply to that sector.
3. Familiarity with security frameworks and best practices, such as NIST SP 800-82 or IEC 62443, and experience applying these frameworks to an OT environment.
4. Strong analytical and problem-solving skills, as well as the ability to think critically and creatively when identifying and addressing security issues.
5. Familiarity with the tools and technologies commonly used in an OT environment, such as firewalls, intrusion detection/prevention systems, data historian and alarm event management systems.
Additionally, strong communication and project management skills are also important for effectively communicating the results of the audit to stakeholders and coordinating remediation efforts.
Australian Control Engineering is specialised in operation technology network audit, automation design and implementation for utilities industry. If you would like to learn more about our capability and understand how we can help you accelerate your results, please Contact us.
