A structured assessment was conducted to evaluate the current state of a Victorian Water Utility’s OT cyber security posture, focusing on network infrastructure and information systems architectural design within OT/ICS environments. The purpose was to identify key findings, perform a gap analysis, and provide actionable recommendations to strengthen resilience and guide the organisation’s future architecture decisions.
Secolve performed the following to satisfy the water company's requirements
The engagement focused on key OT cyber security domains, including security controls and countermeasures specific to OT systems, ingress and egress communications between IT and OT environments, and the network and system infrastructure that carries OT data.
Our review uncovered critical OT security gaps, including shared IT/OT infrastructure, poor network segmentation, incomplete asset inventory, and governance weaknesses. Additional risks included low OT security awareness, limited supply chain controls, and lack of incident response planning.
The assessment outlined key actions aligned with IEC 62443 and NIST CSF, including OT/IT segregation via an IDMZ, continuous asset discovery, stronger governance controls, and enhanced OT training and incident response.
Developed a detailed scope of work in close collaboration with the client to align with their specific requirements, timeframe and budget.
Delivered a targeted OT cyber security assessment report outlining key risks and recommendations across infrastructure, communications, and control systems.
A comprehensive report detailing findings, gap analysis, and actionable recommendations to guide the utility’s next steps in secure architectural design and compliance alignment.
This water utility faced a growing challenge: understanding and mitigating cyber security risks across its Operational Technology (OT) environment. With increasing interdependencies between IT and OT systems, the organisation needed to assess its current posture and uncover hidden vulnerabilities that could jeopardise critical infrastructure.
A structured OT security assessment was conducted, delivering a comprehensive report and prioritised roadmap aligned with IEC 62443 and NIST CSF. Key recommendations included OT/IT segregation, continuous asset discovery, improved governance, and enhanced incident response capabilities.
Safeguarding the industries
that power the world.
