Based in British Columbia, a hydrogen distributor engaged CIMA+ to strengthen the security of its information technology (IT) and operational technology (OT) networks through a comprehensive program of configuration reviews, vulnerability assessments and cyberattack simulations. The project’s primary objective was to identify and address cybersecurity weaknesses that could be exploited by external or persistent attackers, thereby enhancing the resilience of the organization’s operations and infrastructure.
CIMA+ deployed a multidisciplinary team consisting of a cybersecurity advisor and an ethical hacker to execute these activities. The work included an external vulnerability assessment of the central office, remote office and approximately a dozen hydrogen stations to simulate the actions of opportunistic attackers. A Microsoft 365 security configuration audit was also performed to evaluate and secure the hybrid cloud infrastructure configurations. Additionally, testing was conducted to emulate the tactics of determined attackers, identifying high-risk vulnerabilities and testing defensive capabilities.
Key deliverables included a detailed configuration and architecture review report for all hydrogen production and distribution sites, vulnerability audit reports, a simulation test report and a comprehensive set of recommendations with an actionable plan.
By completing these assessments, CIMA+ has provided the client with the insights and tools needed to fortify its systems and safeguard critical hydrogen production and distribution assets.