Industrial Control System (ICS) Cyber Security

With the myriad of cyber threats facing operators of ICS around the world, ECL can assist with topics covering ICSs, including protection for SCADA systems, plant control systems, engineering workstations, substation equipment, programmable logic controllers (PLCs & DCS), safety instrumented systems (SIS), and other field control system devices.

If you are a control systems user, working as a control engineer, in operations management or in IT/OT….we can assist.

If you are responsible for critical IT/OT infrastructure in industries such as energy, power generation, transmission and distribution, water utilities, chemicals, oil and gas, pipelines, etc…. we can assist.


ICS Cyber Security Consultation

We have experienced engineers available to complete a cyber security risk assessment in accordance with IEC 62443. The risk assessment process includes the following:

  • Site Cyber Security Audits
  • Scope definition
  • Asset inventory
  • Threat, vulnerability and counter measure identification
  • Risk estimation and assessment


ICS Cyber Security Awareness Training

Two-hour basic interactive training supported by twenty hours of customisation of the training session for site specific risks, policies, procedures and requirements complete with knowledge understanding assessment and certificate of completion.

Recommended for CRO, PI and other operations leadership personnel. This training is also useful for maintenance/engineering support personnel that require a basic understanding of ICS Cyber Security but do not require advanced training.

Provides awareness level knowledge for key staff to enable them to fulfil roles and responsibilities to maintain ICS Cyber Security.

Provides insights into present day ICS Cyber Security risks.

Provides overview into company-specific policies and procedures.

Provides direction on the actions that should be taken to address and mitigate ICS Cyber Security risks.

Training to be held at client's site.

Training to cover multiple groups (6-12 people) over a period of days.


ICS Cyber Security Advanced Training

Two-day hands-on advanced interactive training complete with certificate of completion.

Recommended for IT and control systems personnel tasked with operating, maintaining and defending industrial control systems.

Provides background information on how attacks against industrial control systems could be launched, why they work, and provides mitigation strategies to increase the cyber security posture of their control systems networks.

Various topics will be covered with theoretical and practical exercises including:

  • IT/OT architecture, requirements and recommendations
  • Security vulnerabilities and risks to ICS
  • Exploit demonstration
  • Device hardening and monitoring
  • Policy and procedure development
  • Network: Security, Identification, and Remediation
  • Network: Defence, Detection, and Analysis
  • Use and configuration of firewalls for various ICS protocols
  • Incident detection, response and recovery

Training to be held at ECL office.

Training to cover one small group (4 – 6 people)


Our Team

All assessments, audits and training are carried out by experienced ICS Cyber Security engineers. Our team have presented at conferences around NZ and have been trained in Industrial Control System Cyber Security, ensuring the highest level of cyber security, catering to the specific needs in the Operational Technology environment.

GICSP GRID Certified Ethical Hacker Comp TIA Security Plus IDC Technologies