Today, industrial automation systems are increasingly connected to corporate networks, data collection systems, remote access solutions, and supplier maintenance connections. This enables more efficient operation, but also creates new cybersecurity risks.
At MODIM Engineering Ltd., we approach OT cybersecurity not from a conventional IT perspective, but from an automation engineering point of view. We assess PLCs, HMIs, SCADA systems, industrial networks, and technological processes to determine how security can be improved without compromising production continuity.
Our goal is to ensure that our partners’ OT systems do not remain a hidden or misunderstood area during NIS2 preparation. We help identify risks, define the necessary measures, and prepare for audits while keeping the safety and continuity of plant operation as a primary consideration.
Why is OT cybersecurity important?
OT environments require a different mindset from traditional IT systems. Continuous availability, process stability, the management of legacy equipment, vendor-specific constraints, and the characteristics of industrial communication protocols are all factors that must be taken into account when designing security measures.
How can we help?
Identification and assessment of OT systems
We help map the industrial automation, control, measurement, and supervisory systems that may be relevant from the perspective of NIS2 preparation. These may include, among others, PLC systems, SCADA systems, HMI panels, industrial PCs, measurement and data acquisition systems, industrial communication networks, production line controls, IT/OT interface points, and remote maintenance access.
During the assessment, we review the structure of the OT environment, network connections, access rights, supplier connections, and operational practices. Our aim is to understand which technological process the given system supports, what risk its outage may pose, and how its security can be improved without jeopardising plant operation.
Assessment of IT/OT interface points and industrial networks
Industrial systems are increasingly connected to the corporate IT environment at multiple points. These connections may be necessary and useful, but if they are not properly designed, they can also introduce risks.
We assess network gateways, data connections, remote access points, supplier connections, engineering workstations, and the points where the IT and OT environments interact. We help review industrial networks, identify segmentation options, and develop recommendations that also take production processes and operational risks into account.
Management of remote access and supplier connections
External suppliers, machine manufacturers, and technology partners are often involved in the maintenance of OT systems. Remote access is convenient and, in many cases, necessary; however, without proper regulation, logging, and access management, it can pose a serious risk.
We help review who may access which system, when, for what purpose, and with what level of authorisation. We provide recommendations on how these access points can be made more transparent, better regulated, and more secure.
NIS2 audit preparation from the OT side
During NIS2 preparation, the identification, assessment, and documentation of OT systems can be of particular importance for industrial companies. We provide support in OT-side preparation tasks, including the review of affected systems and EiRs, the identification of gaps, the development of proposed measures, and the preparation of audit-supporting documentation.
Our aim is not to replace the work of IT professionals, but to complement it with our automation engineering experience. We firmly believe that effective NIS2 compliance in an industrial environment can only be achieved through cooperation between the IT and OT sides.
Why work with us?
Our OT cybersecurity activities are built on several decades of experience in industrial automation. We complement this with up-to-date professional knowledge specifically related to OT cybersecurity, relevant training, and cooperation with Hungarian research and professional stakeholders. As a result, we assess the security of industrial systems not only from a cybersecurity perspective, but also from a practical engineering point of view.
The experts supporting your preparation
Ferenc, one of the founders and managing directors of our company, also graduated from the Faculty of Electrical Engineering at the Budapest University of Technology and Economics. Over the years, he has gained significant experience in electrical design and industrial automation, complemented by comprehensive knowledge of standards and a systems-based approach. To gain a deeper understanding of NIS2 requirements and the audit process, he has also participated in relevant professional training. He considers thorough preparation, precise identification of details, and recommendations that can be implemented in industrial environments to be especially important.
Lajos, one of the founders and managing directors of our company, graduated from the Faculty of Electrical Engineering at the Budapest University of Technology and Economics. His main areas of expertise are industrial software development and the practical implementation of automation systems, providing a solid foundation for understanding the operation and risks of OT systems. To gain a deeper understanding of NIS2 requirements and the audit process, he has also participated in professional training courses. Continuous development, innovation, and building strong professional relationships are important to him.
How we work?
Overview
We become familiar with the industrial environment, the existing automation systems, and the OT areas relevant from the perspective of NIS2.
Assessment and evaluation
We map the systems, networks, access points, and documentation, then identify risks, gaps, and opportunities for improvement.
Recommendations and audit preparation
We define practical measures that can also be implemented in industrial environments, and we support the preparation of OT-side documentation and professional responses.
Frequently asked questions
A well-prepared IT team is essential for NIS2 preparation, but OT systems require a different mindset. Without knowledge of industrial controls, SCADA systems, machines, and technological processes, it is difficult to accurately assess how a security measure may affect production. We contribute this OT-side engineering perspective and practical feasibility to the preparation process.
No. We focus specifically on OT systems, industrial automation environments, controls, SCADA systems, industrial networks, and IT/OT interface points.
We cannot, and do not intend to, replace the work of the IT team. OT cybersecurity works well when the IT and OT sides cooperate: IT provides the corporate IT and cybersecurity background, while we complement this with practical knowledge of industrial systems, controls, and technological processes.
Thanks to our automation experience, upon request we can not only provide recommendations, but also support the design and implementation of the necessary technical modifications.
Yes. OT environments often include long-lifecycle, legacy, or vendor-specific systems. In such cases, it is particularly important that security improvements are not based on generic solutions, but on a proper understanding of how the systems operate.
No. Our company does not participate in the process as an auditing or certification body. Our role is to support OT-side preparation: we help review industrial systems, identify gaps, define the necessary measures, and prepare documentation that supports the audit process.
Request a quotation now
If our OT cybersecurity service has raised your interest, please request a quotation from us.
