Services

Seven engagement areas. Deliverables and engagement formats are detailed for each.

IEC 62443 end to end: zones & conduits architecture, IACS hardening, gap analysis (SL-T / SL-C), OT policies and procedures, compliance roadmap.

Deliverables
  • Architecture HLD / LLD (zones, conduits, DMZ).
  • SL-T / SL-C gap analysis report.
  • Prioritised roadmap & OT policies.
Engagement
  • Short diagnostic or long-term engagement.
  • On-site (workshops, FAT/SAT) or remote.

ISMS (ISO 27001 / NIS2), risk assessments (EBIOS RM / ISO 27005), DLP policy & classification, compliance audits, DRP & BIA.

Deliverables
  • ISMS documentation set & Statement of Applicability.
  • Risk assessment report and treatment plan.
  • Audit report with prioritised action plan.
Engagement
  • Scoped mission (pre-certification, NIS2 readiness).
  • Business & IT workshops, remediation follow-up.

AD / Entra ID, M365, PAM / SSO / MFA, GPO audits, RBAC / ABAC models, Zero-Trust, access reviews and hardening.

Deliverables
  • RBAC / ABAC role matrix and access processes.
  • Audit report (GPO, privileged accounts).
  • Hardening plan and PAM / MFA design.
Engagement
  • One-off review or full IAM transformation programme.
  • Integration with your tooling (ServiceNow, ITSM).

Architecture and configuration reviews, posture assessment, controlled testing, DRP tests, hardening recommendations.

Deliverables
  • Detailed audit report & executive summary.
  • Risk-prioritised remediation plan.
  • Per-device hardening recommendations.
Engagement
  • Short diagnostic (2 to 10 days) depending on scope.
  • Restitution to ExCo or technical teams.

Phishing campaigns, immersive workshops (security escape-game), best practices, playbooks, coaching for teams and executives.

Deliverables
  • Consolidated campaign reports (executive & detailed).
  • Workshop materials and hands-on scenarios.
  • Playbooks & good-practice guides.
Engagement
  • Recurring campaigns or one-off intervention.
  • On-site or remote sessions, FR / EN.

Agile delivery (Scrum / Kanban), scoping, roadmap, vendor management, reporting & KPIs.

Deliverables
  • Scoping note & project roadmap.
  • Dashboards, reporting & KPIs.
  • Vendor tracking files (FAT / SAT).
Engagement
  • Part-time or full-time security PMO.
  • Multi-team programme management.

From scoping to integration: solution selection, documentation and skills transfer to your IT / OT teams.

Deliverables
  • Solution selection file (comparison, recommendation).
  • Operations documentation & diagrams.
  • Skills transfer plan.
Engagement
  • Format adapted to your need and constraints.
  • Commitment on measurable results.

Let's talk about a concrete project

OT question, IEC 62443 project, audit, NIS2 scoping or security PMO need? A 30-minute call to validate feasibility and engagement format (short diagnostic, scoped mission, long-term support).

Get in touch

Specialty & scope

Core practice: OT/ICS security (IEC 62443, DMZ, OT AD). Also active on IT (ISO 27001, NIS2, IAM, Microsoft 365).

Past engagements include

Multi-site energy operator · global luxury group · pharmaceutical · banking · printing services · municipalities & construction.