Cybersecurity Solutions

ICS Cybersecurity and OT Compliance

Improve your operational technology and industrial control systems’ (OT/ICS) security, and comply with critical infrastructure regulations.

Overview

Protect the Safety and Reliability of OT Assets

Content with ICS/OT Compliance and protect against risk.

Comply with ICS/OT regulations while addressing the evolving OT risk today’s industrial operators face.

Apply OT cybersecurity frameworks — like C2M2 and NERC CIP — to tackle OT and ICS cyber risk by working with an expert ICS cybersecurity solutions provider.

Talk to an Advisor

Regulatory Assessments

Asset Inventories

Threat Modeling

Vulnerability Assessment

Chart your course to an effective OT security program.

Industry Cybersecurity Solutions

Navigate the Most Important OT Cybersecurity Compliance Requirements

Meet cybersecurity control requirements with confidence.

We provide industrial cybersecurity solutions so you meet cybersecurity control requirements, including NERC-CIP, TSA Pipeline, US Federal BOD, EU NIS, KSA OTCC, and many others.

Our cybersecurity solutions include our technology platform, threat intelligence, and expert services — all of which enable industrial operators to navigate the most important OT cybersecurity compliance and standards requirements.

Talk to an ICS Security expert

ICS and OT Regulations

Comply with the Complex ICS/OT Regulatory Landscape

Learn more about specific industrial cybersecurity regulations and how we help organizations like yours meet compliance requirements.

SLACIP Act 2022

The Australian Security Legislation Amendment (Critical Infrastructure Protection) Act 2022 amends the 2018 Act to include eleven industries, add r a critical infrastructure risk management program requirement, add definitions for, and enhance cybersecurity obligations for assets.

CMMC

The Cybersecurity Maturity Model Certification (CMMC) program is aligned with the US Department of Defense (DOD) information security requirements for Defense Industrial Base (DIB) partners. CMMC is designed to enforce protection of sensitive unclassified information that is shared by the Department with contractors and subcontractors.

NIS2 Directive (ISA/IEC 62443)

The ISA/IEC 62443 series of standards define requirements and processes for implementing and maintaining electronically secure industrial automation and control systems (IACS). These standards set best practices for security and provide a way to assess the level of security performance.

IT-Sicherheitsgesetz 2.0 (IT-SiG 2)

The German Bundestag adopted the IT Security Act 2.0 (IT-Sicherheitsgesetz 2.0 – “IT-SiG 2.0”), and it was endorsed in the Bundesrat in May 2021. This regulation provides amendments and updates, bringing a focus to the German Act to strengthen the security of federal information technology.

NERC CIP

For electric utilities in the United States and Canada, the North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) reliability standards provide baseline security requirements for power systems and their interconnected facilities and equipment.

CISA BOD

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a Binding Operational Directive (BOD) regarding asset discovery, vulnerability detection, and reporting practices for Federal Civilian Executive Branch (FCEB) agencies. Automated asset discovery, vulnerability detection and more must be in place by April 2023.

TSA SD02C

U.S. Transportation Security Administration Security Directive Pipeline-2021-02C applies to owners and operators of hazardous liquid and natural gas pipelines and liquified natural gas facilities, with the goal of reducing the risk that cybersecurity threats pose to critical pipeline systems and facilities.

April 3, 2023 is the deadline for CISA BOD compliance. Are you ready?

Talk to an ICS advisor

OT Frameworks

Gain Control with ICS/OT Compliance Frameworks

Our experts design OT and ICS security protocols around proven frameworks to ensure compliance and confidence in critical infrastructure cybersecurity.

Get started

C2M2

The Cybersecurity Capability Maturity Model (C2M2) provides a framework to evaluate, prioritize, and improve cybersecurity risk management around IT and OT assets, including hardware, software, and information assets.

CAF

The Cyber Assessment Framework (CAF) consists of 4 objectives that break down into 14 cybersecurity and resilience principles. CAF also includes 39 Indicators of Good Practice (IGP). for both Information Technology (IT) and Operational Technology (OT) environments.

NIST CSF

National Institute of Standards National Institute of Standards and Technology Cyber Security Framework (NIST CSF) consists of five core functions: Identify, Protect, Detect, Respond, and Recover, which provide a set of guidelines and best practices to create, implement, and maintain cybersecurity programs to help manage cyber risk.

KSD OTCC

The Kingdom of Saudi Arabia Operational Technology Critical Controls (KSA OTCC) consists of a set of cybersecurity controls and best practices tailored to the specific needs of the Kingdom of Saudi Arabia. The framework is mandatory for all organizations that operate critical infrastructure in the country.

NIS2

The European Union Directive on Security of Network and Information Systems (NIS2) Directive is a modernized framework based on the EU Network and Information Security Directive, the first piece of EU-wide legislation on cybersecurity.

Cybersecurity Solutions

Cybersecurity Solutions Beyond OT/ICS Security Compliance

When you partner with Level Nine, you’ll have the confidence in your ICS cybersecurity program to focus more on your mission.

Cybersecurity Solutions

Medical Device 524B

Mitigate the risk of security incidents and strengthen medical device cybersecurity by complying with section 524B of the FD&C Act.

Cloud Security

Protect data in transit and at rest while securing your cloud infrastructure from vulnerabilities with enhanced cloud security.

Supply Chain Security

Defend against digital warfare and supply chain attacks with end-to-end critical infrastructure cybersecurity solutions.

Secure-by-Design

Embed cybersecurity practices into your products, software, services and processes by designing with a security-first approach.

Insights

Get the Latest Security Insights

Our security experts regularly share insights and updates from the field.

View more insights

Cyber Health: Lessons for Cybersecurity from COVID-19

Cybersecurity Trends and Insights

Much has been written about how COVID-19 has impacted cybersecurity during 2020, from heightened cybersecurity threats to foundationally challenging business resiliency. However, there are other lessons for cybersecurity which are unnoticed or under-emphasized. Swiss...

“What Could Possibly Go Wrong?” Attending MDIC’s Threat Modeling Bootcamp

Cybersecurity Trends and Insights

Last week, the Medical Device Innovation Consortium (MDIC) held the first of two planned bootcamps where medical device manufacturers, health delivery organizations, cybersecurity subject matter experts, and the FDA came together to learn and discuss all things threat...

Threats and Solutions to Wide Body Area Networks

Architecture and Design, Threats and Vulnerabilities

The healthcare industry is under continuous attack with cybercriminals targeting poorly controlled medical devices (Schiano, Sharman, and McClean, 2018). In the first two months of 2018, 24 healthcare organizations reported data breaches affecting over 1,00 patients...

ICS and OT Compliance Starts with Expert Cybersecurity Solutions

We help organizations improve operational technology and industrial control systems’ (OT/ICS) security in the critical infrastructure sector.

Contact Us