OT/ICS policy templates that will save you time, labor, and project risk
You can have an OT/ICS cyber security program custom-built by consultants in a never ending series of workshops. Or you can license a comprehensive, proven, ready-made program for a fraction of the cost and go right to implementation.
Most OT policy sets are little more than wishful thinking. They lack the vital specifics on execution and verification. These specifics are hard, but you don’t need to sweat over them.
The Simple Cyber Governance Program (SCGP) is a ready-made ISMS for OT. It allows asset owners in critical infrastructure and manufacturing to implement an OT security program faster, with less cost, less risk, and measurable results.
High-level management plan
Detailed execution plan
Metrics for measuring progress
Asset inventory specifications
Network diagram style guide
Data flow diagram style guide
NW & endpoint reference architecture
Detailed system procurement language
Incident management process details
Vulnerability management process details
Roles and responsibilities
Role based cyber security policies
Detailed OT security policies, templates, procurement language, and more
High-level OT security frameworks like NIST CSF and IEC 62443 contain a whole lot of great ideas — but few practical provisions that can be put into production use. The reality is that thousands of critical infrastructure and manufacturing companies struggle to translate high-level guidance from those frameworks into something tangible and useful.
Instead of re-inventing the wheel by developing a custom OT governance program, start out with a proven policy set that is successfully in use since 2014, in more than 1000 facilities all over the globe.
Check out the original document set thoroughly before purchasing a license. Simply download the SCGP eval document pack (15 PDF files, 300 pages, ZIP archive).
What you see is what you get, only that you will get MS-Word documents rather than PDF files when purchasing a commercial license.
Discuss with your team how much time and money the Simple Cyber Governance Program will save you. Then, purchase with confidence, and jump straight to program implementation.
Who is using the Simple Cyber Governance Program?
The Simple Cyber Governance Program is used in critical infrastructure and manufacturing. Customers include oil and gas companies, consumer goods manufacturing, chemical products, the world’s first final nuclear waste storage, pharmaceutical companies, and water utilities.
“CITGO had tried to develop a mature set of policies, procedures and standards for our Operational Technology (IT in OT) using in-house resources without much success. The Simple Cyber Governance Program templates by Langner will literally save us years of effort and will allow us to meet deadlines.”
“By implementing the Simple Cyber Governance Program, we created a standardized documentation system with consistently applied solutions, clear policies, standard operating procedures, and training. Most importantly, we had a way to measure our progress on every element. In doing so, we not only identified and corrected configuration issues, we are now able to quickly troubleshoot and perform root cause analyses, saving us hundreds of hours of engineering time.”
SCGP users in the nuclear industry:
Listen what OT security thought leaders are saying about the Simple Cyber Governance Program: