Capability

Engineering-led OT and ICS cybersecurity

Q: What frameworks do you work to?

Primarily IEC 62443 for architecture and zoning, with AESCSF for Australian energy sector clients, and alignment to the SOCI Act critical infrastructure obligations where relevant.

By Matt Breuillac, Director, Cyber Node

Cyber Node was founded by a chemical and process engineer. Prior work includes Shell Prelude FLNG, LNG facilities, and nuclear engineering projects. When we talk to plant operators and control system integrators, we talk in their terms.

That matters. Most OT security work fails at the conversation with the control room. A consultant who sees an HMI and calls it a web browser will not be invited back. A consultant who understands why a DCS operator cannot simply "patch and reboot" during turnaround will.

SCADA DCS Historians IEC 62443 AESCSF

What we deliver

OT engagements

✓
OT current-state assessment
Architecture review, zone and conduit mapping, asset inventory validation, and gap analysis against IEC 62443 and AESCSF where relevant.
✓
OT network security policy
Review of existing policy or development from scratch. Written to survive handover between shifts, not to look good on an auditor’s desk.
✓
Incident response playbooks
OT-specific incident response plans and playbooks. Scenarios tailored to your plant, your control system vendor, and your operating model.
✓
Tabletop exercises
Facilitated exercises combining operations, engineering and security teams. Designed to surface coordination gaps before an incident does.
✓
Passive assessment and test-bench work
Where production active testing is not an option, we use passive traffic analysis and replicated test benches to assess exploitability without touching live equipment.

Why engineering background matters

Operational safety is a precondition, not a preference

OT cybersecurity engagements fail more often from operational missteps than from technical errors. A pen tester who sends an unexpected packet to a PLC during a critical batch run does not get a second chance.

Cyber Node’s engineering background means we design engagements around plant state. Turnaround windows. Maintenance schedules. Operator rosters. Integration vendor access. The safety case for the assessment is written first, then the technical work fits inside it.

Who we work with

Sector focus

Resources and mining

WA-based resources operators running SCADA, DCS and historian infrastructure. Passive assessment and design review preferred over active testing.

LNG and oil and gas

Background in LNG operations and petrochemicals allows direct discussion with process and control engineers, not just IT counterparts.

Critical infrastructure

Operators with obligations under the SOCI Act and associated rules. Evidence-ready assessments aligned to registered asset requirements.

Control system integrators

Independent security review of integrator-delivered architectures before commissioning or as part of handover.

Questions we get

FAQ

Only where the client explicitly authorises it and the operational risk has been assessed and accepted. For many production environments we use passive assessment, tabletop exercises, and test-bench replicas of site equipment.

Primarily IEC 62443 for architecture and zoning, AESCSF for Australian energy sector clients, and alignment to the SOCI Act critical infrastructure obligations where relevant.

Yes. We routinely coordinate with integrator and OEM teams during engagements, and have direct experience with the major DCS and SCADA vendors used in Australian industry.