Publicaciones Publications
Best Practices for Cybersecurity Diagnosis in Industrial Environments
978-84-942379-3-5
The main objectives of the industrial cybersecurity diagnosis is to assess the cybersecurity of industrial plants identifying the vulnerabilities and risks they are facing. It proposes as well actions to overcome such risks.
In addition, if you want to acquire the necessary knowledge to apply a cybersecurity diagnosis in an industrial environment, we encourage you to sign up for the practical workshop that CCI organizes: T02. Workshop of Diagnosis of cybersecurity in an industrial automation environment. Workshop based on this document (which will be delivered at no additional cost as workshop documentation), during which the following topics will be addressed:
- Industrial automation technologies and risk scenarios
- Industrial use case
- Diagnostic characteristics
- Methodology and interviews
- Network Architecture Diagnosis
- Systems Diagnosis
- Physical security diagnosis
- Third party diagnosis
- The diagnosis report and its presentation
For further information about this Workshop, please visit: https://www.cci-es.org/Diagnosis
If you prefer a more complete training in which to put this document into practice together with other publications of relevant interest, we encourage you to enroll in the practical course that CCI organizes: C02. Course of Cybersecurity Responsible in IACS (Industrial and Automation Control Systems).
More information about this Course at: https://www.cci-es.org/CourseIACS
Title
22/04/2026
This document analyzes the role of digital twins as a strategic tool to strengthen cybersecurity in industrial environments. Through a technical analysis and a manufacturing use case, the text examines their benefits, implementation challenges, and capabilities for threat simulation. It provides key recommendations for integrating these virtual replicas as essential assets for the operational resilience […]
15/04/2026
This document analyzes OT cybersecurity risks in the railway sector, considered an essential infrastructure. Through expert assessment, it models two key attacks: traffic management intrusion and “trackside” system manipulation. The report details the phases of these incidents, from initial access to systemic impact on operations. Finally, it proposes strategic solutions under the IEC 62443 standard […]
24/11/2025
The new Industrial CRA Position Paper from the Industrial Cybersecurity Center highlights a critical need: adapting the European Cyber Resilience Regulation to the reality of OT environments. Critical infrastructures, legacy systems, decades-long life cycles, and the absolute priority of availability make it impossible to apply the CRA as currently designed. The document proposes a multisectoral […]
22/10/2025
This document, titled “Pocket Guide: Questions to Ask Your Industrial Technology and Service Providers About Their Cybersecurity Capabilities,” developed by the Industrial Cybersecurity Center (CCI), provides a structured set of questions designed to help organizations assess the level of maturity and commitment to cybersecurity among their industrial suppliers.