FAQs
Quick answers to common questions
How we assess, plan and respond for OT, SCADA and AMI, and how CyberCare works
We establish secure communications within minutes, co-ordinate with engineering and vendors, and support safe containment and staged recovery while maintaining service and safety.
Yes. Planning and exercises cover isolation, degrade modes and restoration priorities, including comms with regulators and customers.
Your plan names vendors and contacts. We run joint bridges, review access paths and align changes with safety and regulatory requirements.
Yes. Units can fund gateway and certificate reviews, revoke or rotate drills and large-scale change rehearsals.
No. We schedule around maintenance windows and critical periods, use read-only methods and keep sessions focussed.
You receive clear artefacts from assessments, exercises and incident response that demonstrate governance, tested procedures and remediation progress.
Authorised contacts, secure communications, a short discovery of critical assets and partners, and a priority list for proactive use of Units. Enterprise packages can include plan review, assessments and exercising.
Assess
Spot vulnerabilities and prioritise fixes.
CyberProfiler - 'Attacker's Eye View'™
Find exposed portals, remote access points and look-alike domains targeting customers and staff.
Cyber3 - Cybersecurity Assessment
Prioritised review of OT and IT interfaces, remote vendor access, backups and customer systems.
CyberDiscover - Data Analysis
Locate customer and operational data at risk across mailboxes, shares and exports.
Plan
Replace uncertainty with rehearsed decisions, clear roles and playbooks.
Incident Response Planning
Define isolation steps, vendor contacts and decision paths for OT, AMI and customer portal incidents.
CyberSimulate - Cyber Incident Exercising
Tabletops for ransomware, AMI issues, third-party compromise and black-start contingencies.
CyberAware - Cyber Awareness Training
Short sessions for control room, field and support teams on access hygiene and phishing.
Respond
When incidents happen, act quickly with calm, co-ordinated recovery.
24/7 Cyber Incident Response
Rapid investigation, containment and co-ordinated recovery that keeps services reliable.
Threat Actor Engagement
Handle extortion and negotiations securely while leadership focuses on operations and safety.
Cybersecurity services offered to utilities and energy networks
"
The STORM team delivered considerable support and expertise to us to help us navigate through a potentially damaging cyber incident and reduce the impact on our business. "
CISO
Leading UK Power Utility
Let's make it happen
Start a conversation that leads to cyber confidence:
UK/Europe: +44-203-693-7480
Africa: +230-434-1277
India: +91-80010-04277
USA: +1-703-232-9015
Your contact details will only be used in connection with this enquiry.
Please read our Privacy Policy.
CyberCare
Incident response retainer for utilities
Through this strategic onboarding, CyberCare ensures that your organisation has a well-defined and exercised cyber incident response plan, optimised recovery times, and a clear governance structure.
By establishing these critical elements in advance, your organisation and the STORM CyberCare team are fully aligned and ready to respond to any incident with minimal risk and maximum efficiency. CyberCare Enterprise prepares your business not just to react, but to thrive in a dynamic and evolving cyber landscape.
What unused IR Units can support
Vendor laptops are an open door
Use unused IR Units for remote-access reviews and jump-host procedures.
Regulator-ready, year-round
Convert unused IR Units into NIS2-aligned evidence and incident documentation.
Field crews need clear playbooks
Spend unused IR Units on drills covering comms from control room to field units.
Protect AMI and IoT at scale
Apply unused IR Units to gateway reviews, certificate hygiene and rapid revoke or rotate procedures.
Ransomware should not dictate SLAs
Use unused IR Units to rehearse restore priorities and black-start contingencies.
Third-party maintenance risk
Allocate unused IR Units to validate contractor access, tooling and patch windows.
Service continuity and safety depend on connected systems
When SCADA, DCS, AMI or outage management systems are disrupted or altered, customers feel it and safety margins shrink. Ransomware, remote access misuse, third-party compromise and DDoS now impact operations, not just IT.
Generation, transmission, distribution and customer platforms are tightly coupled across utilities and vendors. Legacy equipment, remote maintenance, mobile field apps and cloud services widen the attack surface, while regulators expect demonstrable governance and tested response.
Effective cybersecurity keeps services reliable, contains incidents fast and provides clear evidence during audits and reviews.
How STORM can help
Security assessments, practical preparation and 24/7 incident response.
We help teams reduce cyber risk across control rooms, plants and customer platforms. We assess your organisation, prepare your people with clear playbooks and exercises aligned to operations, and respond around the clock when incidents occur.
Who we help
For operations, engineering, IT and security leaders
We work with electricity, water, gas and district energy utilities seeking resilient services, faster recovery from incidents and clearer assurance for regulators and insurers.
Key challenges we address
OT and SCADA resilience
Ransomware containment and recovery
Third-party maintenance and remote access control
AMI and large-scale IoT security
Field workforce procedures and comms
Email and domain security
DDoS against portals and outage maps
Evidence for regulators and auditors
See how we Assess, Plan and Respond