{{item.title}}
{{item.text}}
{{item.title}}
{{item.text}}
Adversarial attacks are increasingly targeting the operational technology (OT) that underpins critical infrastructure operations. Preventing these attacks from affecting the safety, reliability and resilience of your operations requires carefully integrated security measures.
But securing these often mission-critical systems can be challenging for organizations with insufficient visibility into OT-specific security risks and regulatory requirements.
Our teams of engineers, security specialists and former operators help you gain a panoramic view of your OT security risks. This lets you identify new threats faster and prepare, respond and emerge more confident from OT security incidents.
Our services are about more than checking boxes. We focus on initiatives and managed services that measurably improve your security posture.
We’ll help you transform how you defend your operations with a suite of customizable services tailored to your unique business needs across risk, resilience, recovery and reputation management. Our holistic approach combines the power of your existing security controls and enhanced technology with our deep human expertise. This helps you secure your OT, IoT and critical infrastructure assets by:
Developing a broad security architecture, from cloud to control room, that limits gaps for adversaries;
Providing guidance on security leading practices and benchmarking your organization against industry peers;
Defining and prioritizing security initiatives in line with your risk appetite and budget;
Securing your networks, improving user access controls and hardening connected devices to help protect against cyber threats;
Implementing the right solutions is key to defending any environment from attacks. Our advanced cyber capabilities and OT cyber managed services help you protect, detect and respond to incidents with:
network security managed services
Identity Operations as a Service
incident response, forensics and analysis
Training and Awareness as a Service
Integrating cybersecurity into your broader due diligence efforts can give you deeper insights into your operational resilience. We’ll help you understand the quality of your assets and whether they’re at risk. Our CDD services include:
identifying key risks using a red-flags approach
sharing insights into cyber risk and potential impacts
helping you make informed investment decisions to improve resilience
Assessing your existing processes against proven frameworks and standards helps establish a baseline view of your assets, cyber maturity and gaps—and create a roadmap for the future. Our OT cyber assessment services include:
a rapid, light-touch NIST 2.0 Cyber Maturity assessment
an in-depth, full NIST 2.0 Cyber Maturity assessment
cyber assessment frameworks and standards including NIST SP800-82, NERC CIP, IEC-62443 and other applicable regulations
Testing security mechanisms and controls lets you uncover and fix gaps that leave your systems vulnerable. Our OT technical application review services include:
technical application security review
application architecture review
vulnerability detection
penetration testing
overall OT security architecture review
Understanding OT-specific cyber risks may require a deeper examination of your environment and additional remediation. Other OT-specific services we offer include:
onsite OT assessments
OT architecture and design
OT cyber systems integration
OT cyber remediation
passive monitoring
OT secure remote access
target operating model and roadmap
Pinpointing and preventing OT security risks means covering all your bases—from third parties to internal vulnerabilities. Our OT ad-hoc deep dive services include:
privileged access management
At PwC Canada, we don’t just help you identify and monitor your operating assets—we also help you test them in a secure sandbox environment to see how they stack up against the latest threats. Located adjacent to PwC’s Digital Resilience Center (DRC), our OT Security Lab can demonstrate:
Asset discovery and visibility: Try out OT monitoring tools with proof-of-concept testing, product comparisons and integrations with asset tracking products.
Detection and response: Test the integration of firewalls, intrusion detection and OT monitoring tools with SIEM software and SOC procedures.
Product technical review and testing: Conduct zero operational impact product and site acceptance testing and safe destructive testing (including OT penetration testing) in a near-production training environment.
Our OT Security Lab includes pre-configured environments with:
OT security monitoring tools
vendor-supplied HMIs and workstations
vendor-supplied programmable logic controllers (PLCs)
network firewalls
Take a virtual walkthrough of our Digital Resilience Centre, which features our OT Lab, to learn how we help unite your lines of defence against modern-day threats.
Partner, Cybersecurity and Operating Technology (OT) National Leader, PwC Canada
Tel: +1 403 620 1618
Partner, Cybersecurity, Privacy and Financial Crime National Leader, PwC Canada
Tel: +1 416 815 5306
Partner, Cybersecurity, Privacy and Financial Crime and National Cybersecurity Leader, PwC Canada
Tel: +1 604 806 7603