ndustrial cyber attacks rarely start with “Hollywood hacking”. They start with small gaps: shared passwords, old Windows PCs, open remote access, unmanaged switches, no backups, no clear responsibilities. In OT, the result is not “just IT downtime” — it can stop production, damage equipment, or create unsafe states.
Industrial Security (OT) means: keeping your machines and automation systems available, controllable, and recoverable — while still allowing maintenance, service, and upgrades.
What I offer
I help operators, OEMs, and integrators implement OT security pragmatically — without bureaucracy and without blocking production.
Typical environments:
- PLC / safety controller + HMI
- Drives, robots, presses, AGVs/AMRs
- Industrial networks (PROFINET, Ethernet/IP, Modbus TCP, etc.)
- Remote service access (vendor support, maintenance)
Typical problems I see in the field
- Remote access exists, but no clear control (who, when, how, logging)
- One flat network: office IT and machine network mixed
- Old engineering laptops / HMIs with outdated OS
- No asset list: “We don’t even know what is connected”
- Backups exist “somewhere” — but restore is untested
- Passwords and user roles are inconsistent or shared
- Switches, firewalls, and VPN are present, but not configured for OT reality
- Security measures collide with serviceability → people bypass them
My OT security scope (what I actually do)
1) OT Security Check (quick, on-site or remote-first)
- Asset overview (controllers, HMIs, switches, remote access paths)
- Network review (segmentation, VLANs, key connections)
- User & access review (roles, passwords, vendor access)
- Backup & restore review (what is backed up, how often, where, restore test plan)
- Patch/update reality check (what is possible without risking uptime)
Deliverable: clear findings + prioritized action plan (what to fix first, what can wait).
(Enquiry)
2) Hardening & implementation support
- Secure remote access concept (VPN, accounts, time-limited access, logging)
- Segmentation concept: OT zones / cell concept (practical and maintainable)
- Basic hardening for HMIs/PCs (accounts, services, removable media rules)
- Secure change process for PLC/HMI projects (versions, approvals, backups)
- Backup strategy that works in OT (images, projects, recipes, parameters)
Deliverable: implementable checklist + configuration targets (not theory).
(Enquiry)
3) Retrofit projects: security “built in”
If you replace or modernise controls, you can fix security at the same time:
- Clean architecture from day one (zones, access, documentation)
- Modern controller/HMI setup with role-based access
- Controlled remote service for OEMs and maintenance partners
- Reliable backups and fast recovery
Deliverable: stable operation + easier maintenance + reduced cyber risk.
(Enquiry)
What you get (in plain terms)
- A clear, structured OT security plan that maintenance can actually follow
- Fewer emergency stops caused by IT/OT chaos
- Controlled vendor access (no “open TeamViewer forever”)
- Better recoverability: restore tested, not only “backup exists”
- Documentation that supports audits and customer requirements — without bloated paperwork
Where this is especially relevant
- Presses and production lines (retrofits, mixed generations)
- Robot cells and automated lines
- AGV/AMR / intralogistics
- Plants with international suppliers and frequent remote service
How we start
- Short call to understand your setup and risks (15–20 min).
- OT Security Check (remote-first, on-site if needed).
- Action plan + implementation support.
Working language / regions
I work mainly in DACH, internationally available (German/English).
For projects in the Gulf region (e.g., UAE/Dubai), the focus is usually: availability, controlled remote access, and clean documentation for operators and international OEMs.