IT/OT Cybersecurity • Audits • Incident Response • 24/7 Retainer
Why companies choose my IT/OT security support:
- 25+ years of experience in IT security and industrial OT/ICS cybersecurity
- Audits compliant with ISO 27001
- Cybersecurity architecture, network segmentation and OT DMZ design
- 24/7 incident analysis and response (SOC/SIEM/SOAR-ready)
- Specialisation in SCADA, PLC, DCS, HMI and industrial networks
- System hardening, vulnerability assessments and vendor security validation
- Full support in a retainer model (SLA, consultations, change control oversight)
Securing industrial infrastructure (OT/ICS) requires both deep technical knowledge and an understanding of operational processes.
I help organisations assess risk, implement controls and procedures compliant with NIS2, ISO/IEC 62443 and ISO/IEC 27001,
and build resilience across IT, OT and mixed network environments.
Scope of services
IT/OT security audits
Assessment of industrial systems, servers, networks and peripheral devices. Identification of technical and procedural weaknesses.
Risk analysis & compliance
Identification of assets, threats and vulnerabilities. Roadmap aligned with NIS2, ISO/IEC 62443, ISO/IEC 27001 and ENISA guidelines.
Network segmentation & architecture
Design of security zones and conduits, access limitation and logical separation of industrial systems (PLC, SCADA, HMI).
Monitoring & incident response
Development of incident response procedures, playbooks, event analysis and log correlation. SOC and SIEM integration.
Retainer (subscription-based advisory)
Continuous expert support: risk reviews, vendor assessments, incident consultations and security governance with defined SLA.
Cooperation process
- Initial assessment and environment interview
Collecting information about architecture, technologies and operational processes.
- Risk & gap assessment
Identification of key assets, threats and technical vulnerabilities.
- Recommendations & action plan
Prioritised risks, remediation plan and proposed security controls.
- Implementation & team training
Support in executing the plan, validating effectiveness and training staff.
- Ongoing support (retainer)
Regular reviews, updated policies, vendor evaluations, incident drills and advisory.
Areas of specialisation
- industrial systems: SCADA, DCS, PLC, HMI
- segmented networks: VLAN / OT DMZ
- OT–IT integration and secure inter-zone communication
- securing edge devices, gateways and industrial IoT
- vulnerability analysis, system hardening and access policies (IAM, PAM, MFA)
- preparation for compliance with NIS2, KSC, ISO/IEC 62443, IEC 27019
FAQ
How is OT security different from IT security?
In OT environments, the priority is **continuous operation and physical process safety**. In IT, the priority is confidentiality and data protection. OT requires different architectures, tools and access policies.
How often should an OT audit be performed?
Full audits are recommended once a year or after any major infrastructure change. Partial control checks — every 6 months.
Do you implement NIS2 or ISO/IEC 62443 requirements?
Yes. I help with gap analysis, documentation preparation and compliance audits for operators of essential services and technology providers.
How does a retainer cooperation model work?
We define a monthly pool of advisory hours and an SLA — rapid expert availability, incident reviews, change consultations and periodic reports.
Contact
Do you need an audit or expert support for your OT/ICS security?
📞 Phone: +48 515 601 621
✉️ Email: biuro@wichran.pl