Industry: Beverage Manufacturing
Project Overview:
Lion aimed to formalize its OT incident response capabilities by developing tailored use cases and response playbooks. The goal was to ensure consistent, effective handling of OT-specific security events.
Challenges:
- Incident response processes were primarily IT-focused and not suitable for OT environments.
- OT staff were unfamiliar with cybersecurity procedures and terminology.
- There was no standardized approach to handling common OT security scenarios.
Solution:
Sydco collaborated with both IT and OT teams to identify high-risk scenarios and develop relevant use cases, such as unauthorized firmware changes or abnormal control system behaviour. For each use case, we created detailed playbooks outlining detection methods, escalation paths, and containment procedures. Training sessions and tabletop exercises were conducted to reinforce readiness.
Results:
- Lion's security teams responded more confidently and consistently to OT incidents.
- Communication between IT and OT stakeholders improved significantly.
- The organization was better prepared for audits and regulatory reviews.