OPERATIONAL TECHNOLOGY RISK ASSESSMENT
Historically, an organization developed a Cybersecurity program to achieve compliance. It has been our experience, organizations which achieve full compliance cannot continue to operate because of strict Compliance requirements and the lack of a functional Cybersecurity program. The lack of a functional Cybersecurity program enables methodologies found within the Industrial Control System Cyber Kill Chain. Cybersecurity programs should enable an organization’s Mission and business objectives. When an organization develops a Cybersecurity program specific to the OT environment, compliance occurs naturally.