Expertise

Six areas of competence, with OT as core practice.

01

OT & ICS SecurityCore practice

IEC 62443 zones & conduits, OT–IT segmentation, industrial DMZ (Cisco ISA3000, Check Point 1570R), Active Directory OT, IACS hardening. FAT/SAT support, multi-site HLD/LLD standardisation.

IEC 62443DMZSegmentationOT AD
02

Governance & Risk

ISMS rollouts (ISO 27001:2022), NIS2 readiness, EBIOS RM or ISO 27005 risk assessments. Recent example: 360 NIST 800-53 controls prioritised in 5 months for a Luxembourg-based bank.

Risk analysisISMSNIS2
03

Identity & Access

Active Directory / Entra ID, PAM, MFA, RBAC/ABAC modelling in ServiceNow, GPO audits. Nine-month engagement on ~150,000 accounts in a luxury group: 150 user stories delivered, 4 access workflows modelled.

Azure ADPAMMFA
04

Data protection

Microsoft Purview DLP strategy, classification, Sentinel and Defender for Cloud Apps. Example: 13 business/IT workshops, 21 risk scenarios assessed, a tooled roadmap delivered in 5 months (pharma).

M365PurviewGDPR
05

Cloud & Modern Workplace

M365 security: Defender suite, Sentinel, posture management, baseline configurations. Usually integrated as one component of a DLP or IAM engagement rather than as a silo.

DefenderSentinelZero-Trust
06

Awareness & coaching

GoPhish campaigns (520 + 350 users covered in 2024), escape-game workshops with mock phishing site and VMs (40 sessions, ~200 participants). Executive reports delivered at the end of each campaign.

GoPhishWorkshopsCoaching

Let's talk about a concrete project

OT question, IEC 62443 project, audit, NIS2 scoping or security PMO need? A 30-minute call to validate feasibility and engagement format (short diagnostic, scoped mission, long-term support).

Get in touch

Specialty & scope

Core practice: OT/ICS security (IEC 62443, DMZ, OT AD). Also active on IT (ISO 27001, NIS2, IAM, Microsoft 365).

Past engagements include

Multi-site energy operator · global luxury group · pharmaceutical · banking · printing services · municipalities & construction.