New algorithm for OT cybersecurity risk management

Issue 4 2023 Industrial (Industry), Information Security, News & Events, Commercial (Industry)

OTORIO a provider of operational technology (OT) cyber and digital risk management solutions, announced that it has secured a patent from the U.S. Patent and Trademark Office for the company’s risk management model and attack graph analysis algorithm. This marks a significant milestone for OTORIO’s proprietary technology and further validates the company as a pioneer in the OT security market.

The USPTO issued U.S. Patent No. 11637853, ‘Operational Network Risk Mitigation System and Method,’ for OTORIO’s algorithm simulation model, which underpins its end-to-end OT cybersecurity platform. The company’s unique technology calculates OT cybersecurity threats by analysing and visualising four key components – threat, likelihood, vulnerability, and impact – and provides risk mitigation actions prioritised according to actual exposure and potential impact on operations. This enables organisations to take proactive measures to safeguard their critical assets and processes.

OTORIO’s attack vector graphs offer a dynamic visual representation of network topology for easy navigation between assets, vulnerabilities, their connections, and the security controls’ influence. This provides crucial context to OT cybersecurity posture, along with concise calls to action, enabling organisations to prioritise and address risk effectively.

OTORIO’s monitoring capabilities empower organisations to proactively manage vulnerabilities and harden security by evaluating the likelihood of incidents across all assets, threats, and potential scenarios. Any variations in the security posture serve as a clear signal for proactive measures, enabling organisations to stay ahead of emerging threats and safeguard their operational technology.

The company’s proprietary algorithm incorporates industry-standard metrics and adheres to the NIST CVSS system for vulnerability scoring, ensuring compliance with industry standards and avoiding the need for re-scoring of common risks.

Find out more at

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

AI and ransomware: cutting through the hype
AI & Data Analytics Information Security
It might be the great paradox of 2024: artificial intelligence (AI). Everyone is bored of hearing it, but we cannot stop talking about it. It is not going away, so we had better get used to it.

Local manufacturing is still on the rise
Hissco Editor's Choice News & Events Security Services & Risk Management
HISSCO International, Africa's largest manufacturer of security X-ray products, has recently secured a multi-continental contract to supply over 55 baggage X-ray screening systems in 10 countries.

NEC XON shares lessons learned from ransomware attacks
NEC XON Editor's Choice Information Security
NEC XON has handled many ransomware attacks. We've distilled key insights and listed them in this article to better equip companies and individuals for scenarios like this, which many will say are an inevitable reality in today’s environment.

SAIDSA achieves ISO 9001 certification
SAIDSA(SA Intruder Detection Services Association) Associations News & Events Training & Education
The South African Intruder Detection Services Association (SAIDSA) has announced that it has achieved ISO 9001:2015 certification. This milestone reflects its commitment to quality management and excellence in the security services industry.

Fluss launches the next wave of IoT solutions
IoT & Automation Access Control & Identity Management News & Events
Fluss has announced its newest IoT product; Fluss+ continues to allow users to manage access from anywhere globally and brings with it all the advantages of Wi-Fi connectivity.

A standards-based, app approach to risk assessments
Security Services & Risk Management News & Events
[Sponsored] Risk-IO is web-based and designed to consolidate and guide risk managers through the whole risk process. In this article, SMART Security Solutions asks Zulu Consulting to tell us more about Risk-IO and how it came to be.

Do you need a virtual CIO?
Editor's Choice News & Events Infrastructure
If you have a CIO, rest assured that your competitors have noticed and will come knocking on their door sooner or later. A Virtual CIO service is a compelling solution for businesses navigating tough economic conditions.

Cybersecurity and AI
AI & Data Analytics Information Security
Cybersecurity is one of the primary reasons that detecting the commonalities and threats of what is otherwise completely unknown is possible with tools such as SIEM and endpoint protection platforms.

Data security and privacy in global mobility
Security Services & Risk Management Information Security
Data security and privacy in today’s interconnected world is of paramount importance. In the realm of global mobility, where individuals and organisations traverse borders for various reasons, safeguarding sensitive information becomes an even more critical imperative.

Sophos celebrates partners and cybersecurity innovation at annual conference
News & Events Information Security
[Sponsored] Sun City hosted Sophos' annual partner event this year, which took place from 12 to 14 March. Sophos’ South African cybersecurity distributors and resellers gathered for an engaging two-day conference.