Save LAN carried out an OT and IT security assessment for Jylhän Electricity Cooperative

The Jylhäläinen network is a shared energy that is good for the whole city. A secure electricity grid is the backbone of prosperity for residents and businesses. IT and OT network security is a key part of proactive cybersecurity.

Challenges and objectives

Jylhän Electricity Cooperative wanted to ensure that their IT and OT networks were adequately protected against modern cyber threats. The organisation needed a holistic view of both its technical and organisational security practices.

The objective was to identify the configuration of key network equipment, review operational and security practices, and ensure that critical systems - such as server networks and SCADA systems - meet security requirements. The mapping exercise also had to identify potential vulnerabilities and provide recommendations for their remediation.

The work was based on the international ISO 27001 standard, which was audited to systematically identify and improve security practices.

Save LAN solution

Save LAN was selected to carry out the survey, in particular because of its expertise in OT network. In particular, the company had in-depth expertise in SCADA environments and critical infrastructure protection.

Savela's approach was to combine the audit of the IT and OT networks into one entity, and to carry out the assessment as an ISO 27001-compliant audit process. This allowed for a comprehensive, consistent and comparable analysis of the organisation's information security.

Project implementation

The audit was divided into two main areas: the IT network and the OT network.

for the IT network focused on server network security, access management, encryption techniques and vulnerability testing. Particular attention was paid to how responsibilities are defined for the maintenance and management of the systems. This is key to the security responsibilities.

for the OT network SCADA and substation settings, communication protocols and data transmission security were examined. The protection of these systems is vital to control critical industrial processes.

The mapping was carried out through workshops. In these workshops, participants expressed their observations on the practical work and safety aspects. The workshops resulted in a detailed report presenting the weaknesses identified and concrete recommendations for improvement.

"The workshops provided a deeper understanding of the organisation's security needs and challenges."

Results from

As a result of the audit, Jylhän Electricity Cooperative received a comprehensive and clear picture of the current state of its IT and OT networks and areas for improvement. The mapping highlighted both technical and process-related development needs, and provided concrete suggestions for measures to address vulnerabilities.

The ISO 27001 approach helped to structure the security practices and identify the areas to focus on in the future. The result was an improved information security management model that will better protect the organisation's business and critical infrastructure in the future.

Give Us a Call ->

Lauri Jurvanen Production Network Consultant Save LAN