Protecting Data, Systems & IT Infrastructure
Secure by Design
From small discrete plant operations to large-scale disparate control of critical national infrastructure, Bilfinger UK are a trusted partner in the design, install and maintenance of cyber secure solutions throughout the industry.
We have IEC-62443 certification and trained engineers within our project and automation teams but also within our service support division. This means we can confidently support your plant operations, from consultation through to project execution and throughout your entire connected assets life cycle.
- Cybersecurity comprises technologies, processes and controls that are designed to protect systems, networks and data from cyber attacks.
- Effective cybersecurity reduces the risk of cyber attacks, and protects organisations and individuals from the unauthorised exploitation of systems, networks and technologies.
POTENTIAL RISKS OF A BREACH
- Damage to operational equipment
- Repairs/recovery/system rebuild
- Financial penalties
- Reputational damage
- Ongoing operational issues
Managing cyber threats is a key objective at Bilfinger UK. Accordingly, we ensure that that both our operational activities and supplied products meet current regulations and regularly audit all implementations, both internally and externally.
For internal operation, Bilfinger UK is both ISO27001 and Cyber Essentials accredited. We have tightly integrated the requirements of these standards into our existing ISO9001 TickITplus quality system.
We operate a continuous improvement policy regarding cybersecurity, personnel are provided with periodic training to promote understanding and compliance with relevant regulations, policies and procedures related to internal operations and deliverable products/services. Continuous investment ensures that we can manage and mitigate cyber risk to projects even with an ever-changing threat landscape and continuous technology shifts. The use of the combination of ISO27001 and IEC 62443 ensures we can meet a variety of regulatory needs for both internal operations and delivered products.
Industrial Cybersecurity Services
Bilfinger UK's industrial cybersecurity services have been designed to adhere to the latest IEC-62443 Cybersecurity Standards. We can help you at all stages, from evaluation of your risks and threats through to implementation of any required defences and ongoing support.
OUR 4 PHASE APPROACH
Phase 1 – Assessment: Existing devices, software platforms, application and infrastructure review against requirements providing an estimated risk level in line with ISA-62443.
Phase 2 – Analysis: Detailed analysis phase involving operations consultations, detailed vulnerability analysis and production of risk level definition report.
Phase 3 – Implementation: Development of cybersecurity requirements specification and implementation of measures (physical, software, infrastructure and application level).
Phase 4 – Maintenance & Support: Cybersecurity maintenance service providing ongoing cybersecurity protection with regular reviews of systems and updates.
Cybersecurity Assessments & Evaluations
We undertake cybersecurity assessments and evaluations as part of our consultancy offering; incorporating considerations towards the obsolescence of existing assets and balancing that with plans for digitalisation. Giving you an easy to digest set of recommendations to take your business forward securely.