INDUSTRIAL AND OT NETWORK CONSULTING · HANS STUDY · ONTARIO, CANADA
OT and ICS network advisory for systems that cannot fail quietly
SCADA, DCS, ICS environments in utilities, pipelines, water treatment, transportation infrastructure, and defence. OT/IT segmentation, secure remote access, NERC CIP and CMMC compliance, and monitoring strategies that give operators visibility without triggering the outage they are trying to prevent.
The problem with applying enterprise thinking to OT
OT environments have constraints that standard enterprise network design does not account for. Systems that cannot tolerate a reboot. Legacy protocols with no authentication. Failure consequences measured in operational disruption, not just data exposure. Applying enterprise security patterns directly to OT environments often causes more problems than it solves.
I have worked across SCADA, DCS, and ICS environments in utilities, pipelines, water treatment, transportation infrastructure, and defence. The advisory covers OT/IT segmentation design, secure remote access architecture, NERC CIP and CMMC compliance, and monitoring strategies that give operators visibility without the active scanning that can trigger the very outage they are trying to prevent.
The common engagement pattern is an organization that needs a second opinion from someone not trying to sell the monitoring platform. That independence is the point.
Where independent advisory adds value
OT/IT segmentation design
Purdue Model alignment. Segmentation between corporate, DMZ, and plant zones. Conduit and zone design that holds up to a NERC CIP audit and to a real plant operator on a Tuesday morning.
Secure remote access for OT
Remote access to OT environments is one of the highest-risk connectivity decisions an operator makes. Jump server architecture, vendor access controls, MFA enforcement, and session logging in environments where the alternative is either no remote access or an open connection that bypasses every other control.
Risk-aware OT monitoring strategy
Active scanning is often out of the question in OT environments. Passive monitoring, SPAN port architectures, and out-of-band collection give operators the situational awareness they need without touching the control network. Advisory covers monitoring architecture design and OT-aware SIEM integration.
Industrial protocol security
Modbus, DNP3, IEC 61850, OPC UA, BACnet. Protocol-aware segmentation, deep packet inspection where it adds value and where it does not, and the operational impact of every control imposed.
Physical security for OT facilities
Substations, pump stations, and remote unmanned installations have physical security requirements distinct from enterprise environments. Access control and video surveillance integrated with SCADA alarms, and physical security design that satisfies NERC CIP physical access control requirements.
Plant network refresh and modernization
Migration from flat plant networks to segmented architectures without taking the plant offline. Phased cutover, fallback design, and operational continuity during the work.
Standards and frameworks in scope
- NERC CIP, bulk electric system reliability standards
- NIST SP 800-82, guide to industrial control systems security
- IEC 62443, industrial automation and control systems security
- CMMC 2.0, for defence contractors with OT in scope of CUI
- NIST SP 800-53, security controls for federal information systems
- ITSG-33, Government of Canada IT security risk management
Related advisory areas
Enterprise Network Architecture →
The IT side of the IT/OT boundary. The design pattern on one side affects what is possible on the other.
Physical Security Design and Assessment →
NERC CIP physical access controls and OT facility security design.
ICAT Design and Project Advisory →
Integrated facility projects where OT, building automation, and physical security converge.
Critical Infrastructure →
Sector-level overview for utility, transmission, and large municipal systems engagements.
Common questions
What is the difference between IT security and OT security?
In IT security, the priority order is confidentiality, integrity, then availability. In OT, availability comes first. A control system shut down for a security patch causes an operational disruption that may have safety implications. Legacy OT systems often cannot be patched at all. Security design for OT has to account for these constraints, which is why enterprise security approaches applied directly to OT environments often cause more problems than they solve.
Does Hans Study provide CMMC advisory for defence contractors with OT in scope?
Yes. Defence contractors whose OT environments handle Controlled Unclassified Information, or whose OT networks connect to systems that do, need to account for CMMC 2.0 requirements in their OT security architecture. Gap assessments, architecture advisory, and documentation support for contractors working toward CMMC Level 2 where OT is in scope.
Who provides independent OT network consulting in Canada?
Based in Ontario, independent OT and ICS network consulting across Canada and the US. Project history covers utility, transportation, government, and defence environments. No monitoring platform to sell. No preferred vendor relationship shaping the recommendation.
Independent oversight before the design is committed
Pre-design architecture review, vendor proposal review, owner's representative engagement during deployment, and post-deployment audit are all available as discrete engagements. The earliest point of engagement is also the highest-impact point.