CASE STUDY
Like many critical infrastructure organizations, this chemical company was dependent on spreadsheets for running cyber risk assessments across their operational technology (OT) environment.
Most of the company’s OT/ICS risk assessments were done in person and data was manually entered into spreadsheets. From there, another team would organize everything into PowerPoint presentations for the executive team.
This created a high degree of variance in the responses and an incredible amount of lag time between when the data was collected and when leaders could see the assessment results.
SecurityGate.io delivered a consistent experience across teams. No longer did they have to worry about the personality of the assessor affecting the data-gathering process.
In short order, the risk management team had access to turnkey questions specific to their industry, such as IEC 62443. The ability to customize the assessment questionnaire within the platform helped keep assessments consistent while still addressing their unique business needs.
No longer was there a months-long lag time between an OT cyber assessment and reports. With the SecurityGate Platform, insights could be quickly gathered and analyzed in an online dashboard. Team leaders and executives now had a snapshot of their current OT risk posture to quickly make decisions.
Rather than completing an extended assessment in one sitting, the teams could answer online questions as their schedule permitted. The risk manager noted that now, their teams can spend time on their assigned assessments whenever it’s convenient for them.
“SecurityGate.io has been an effective platform to complete an OT cybersecurity assessment in a short time. It was particularly helpful that the assessment was accessible at multiple sites—we no longer had to rely on performing it in person.”
Being an international company, most of the company’s employees do not primarily speak English. Industry terms can be hard to translate from English. This caused confusion among some team members.
To overcome this problem, the SecurityGate.io team worked closely with them to make sure that both the assessment questions and tech-support information were accurately translated. This decreased the confusion around certain questions and helped them get the best information back, in the timeliest manner possible.
After transforming their OT/ICS risk assessment process, the cyber team isn’t looking back. Since everything is now managed within the platform, they are now able to run all site assessments concurrently. By using SecurityGate, the company has turned a once multiyear process into one that takes a fraction of the time.
The SecurityGate Platform provided an unexpected benefit to the team, as well. Running OT assessments through the SecurityGate Platform ensures that all employees are thinking critically about cyber security at their site.