Industrial switchgear and control infrastructure

Meridian Consultants

OT cybersecurity for industrial control systems, brownfield sites and critical infrastructure

Engineering-led cybersecurity work for teams responsible for live control systems, legacy infrastructure, supplier access, segmentation, IEC 62443 alignment and assurance evidence.

We help operations, engineering, project and assurance teams understand what is exposed, what evidence is missing, and what practical work is needed to reduce risk without disrupting the plant.

View services Use the readiness checklist Contact Meridian

Built for live OT environments

Industrial cybersecurity work is rarely clean-sheet. Most sites already have ageing PLCs, vendor-maintained systems, remote access routes, mixed ownership, incomplete records and strict change control. Meridian works from that reality.

Flat OT networks

Control, engineering, historian, vendor and support systems often share network paths that are difficult to evidence, monitor or control.

Legacy PLC and SCADA estates

Long-life control systems may still operate reliably, but are often difficult to patch, segment, replace or assess using standard IT methods.

Supplier and remote access routes

Vendor support arrangements can grow over time without clear ownership, approval records, session visibility or consistent access control.

Remote and distributed assets

Telemetry, unmanned sites and remote infrastructure can create visibility gaps across the wider operating environment.

Incomplete cybersecurity evidence

Projects and audits often expose missing drawings, weak asset records, unclear assumptions and incomplete verification evidence.

Brownfield integration constraints

Cybersecurity improvements need to respect uptime, safety, operational ownership, maintenance windows and supplier dependency.

FAT/SAT and close-out pressure

Cybersecurity requirements need to be translated into testable evidence before supplier acceptance, site testing or project handover.

Mixed IT/OT ownership

Operations, engineering, IT, cyber, projects and suppliers often need a shared technical view before decisions can move.

Where Meridian is usually brought in

Meridian is most useful when an organisation knows there is an OT cybersecurity issue, but the scope, evidence, ownership or engineering response is not yet clear.

Assess the current position

Risk assessments, architecture reviews, asset evidence reviews and IEC 62443-aligned gap analysis for industrial control environments.

View assessment services

Define the technical work

Segmentation strategy, zone and conduit definition, remote access review, supplier interface review and practical design input.

View engineering services

Produce assurance evidence

Evidence matrices, testable requirements, FAT/SAT input, cybersecurity verification records and documentation for project or audit close-out.

View assurance services

Industrial environments we understand

Sector context matters. OT cybersecurity work should reflect the assets, constraints, support models and assurance pressures of the operating environment.

Industrial gas pipework and energy infrastructure

Gas & Energy Infrastructure

OT cybersecurity support for gas transmission, energy infrastructure, compressor control, telemetry, vendor access, safety interfaces and assurance requirements.

Industry approach

Water utility infrastructure and treatment environment

Water Utilities

Cybersecurity and documentation support for remote pumping stations, telemetry, legacy PLCs, mixed vendor estates, and ageing SCADA platforms.

Industry approach

Manufacturing

Practical support for production network segmentation, supplier-maintained machinery, engineering laptops, and line-level downtime risk.

Industry approach

Offshore process industry infrastructure

Offshore & Process Industries

Assurance for vendor package systems, remote support links, strict change control, safety interfaces, and constrained maintenance windows.

Industry approach

Offshore wind farm renewable energy infrastructure

Renewables

Support for distributed renewable assets, remote monitoring, supplier platforms, telemetry links, and operational data transfer.

Industry approach

Nuclear and high-hazard industrial infrastructure

Nuclear & High-Hazard Environments

Evidence-focused assurance for regulated engineering environments with strict change control, supplier review, and documentation requirements.

Industry approach

Work from the operating context

OT cybersecurity work is most useful when it reflects the system boundary, project pressure, operational constraints and evidence already available. Meridian helps turn that context into a defined scope of work: what needs reviewing, what evidence is missing, and what engineering output is needed before assessment, design input or assurance work begins.

Define the scope

Clarify the control system, site boundary, supplier interfaces, remote access routes, project stage and operational constraints.

View services

Review the evidence

Check drawings, asset records, network architecture, remote access arrangements and known assurance gaps.

Review evidence

Discuss the issue

Talk through the situation without sharing sensitive site details, drawings, IP addresses, vulnerabilities or client information.

Contact Meridian

Discuss the operating context

A useful first discussion can happen without sensitive drawings, IP addresses, vulnerabilities or client information. Start with the system boundary, project pressure, operational constraints and available evidence.

Contact Meridian