2021-04-26_11h28_39-1

Finding a penetration tester for automation technology

How our service uncovered the security vulnerabilities of a leading global automation technology provider

Around 80% of OT managers in German companies have experienced a breach of their infrastructure in the past two years. At the same time, a global study by IBM reveals an average value of such data leaks of 3.4 million euros. Only 10% of the companies surveyed reported never having experienced a breach. Among these 10% were predominantly companies whose systems were subject to regular audits and penetration tests.

 

 

Procedure

For a leading global provider of automation technology, whose systems had not yet been subjected to external audits or tests, it was important to introduce regular penetration tests and vulnerability management. The aim of the measure was to create more transparency about potential security gaps. The company's heterogeneous system landscape, consisting of IT, OT and IoT, required suitable and flexible service providers. We started with an inventory of the systems to be tested and clarification of the scope of the test. We then defined criteria for vendor selection. We considered, among other things, the experience of the respective vendor, certifications of the penetration testers, the price-performance ratio and customer references from past projects. After an anonymous RFQ among potentially suitable service providers, we organized four provider presentations and supported the customer in the bid selection process.

 

 

team-5 (2)
team-5
team-5

Identification of Top-Cyberrisiks

forward-right
locator-spot-check

Strategic Vendor Selection

forward-right
laptop-hacker

Anonymous Tender

forward-right
document-edit

Individual Provider Recommendation & Support

 

 

Result

Blackbox and Greybox penetration tests identified several mission-critical security vulnerabilities. The company saved money because we found a provider with a better price-performance ratio compared to the customer's own RFP.

Find out more about CyberCompare

 

 

More Case Studies

case_study_diagnostic

 

 

case_study_assetmanagement

 

 

case_study_awareness_automotive

 

 

risk_analysis

 

 

 

 

Do you need a cybersecurity solution?

CyberCompare has tested providers in its portfolio and, as an independent market participant, provides you with free and non-binding comparative offers. Contact us or test your cyber risk profile with our diagnostic.

 

Arrange appointment
Start diagnostic