Our aeCyberSolutions™ suite of services is a risk-driven approach organized into four competencies: Governance, Risk Management, Security Implementation, and Security Operations. By working with you and focusing on the core mission in each of these four areas, we can help you meet your mission.


Cyber Program : Establish cybersecurity policies and practices

If the key to safety is to create a safety culture, then the key to cybersecurity is to create a security culture, and Governance is the foundation for a sustainable culture.

Using industry standards, including NIST CSF and ISA 62443, aeSolutions has developed tools, techniques and templates (such as aeCyberProgram™) to help you fast-track your cybersecurity program policies, procedures, standards, and training and awareness programs. We can also help you with establishing a governance board and charter, a security plan and master policy, and other executive engagement activities and deliverables (such as aeReport™), all designed to drive the creation of a security culture in line with your safety culture and your operational reliability requirements.



Build your ICS Cybersecurity Program


  • ICS Program Framework Development

  • Policy & Procedure Development

  • Cybersecurity Requirements Specification

  • Mitigation Road Maps


Train your Workforce


  • ISA Security Technical Training (ISA plus aeSolutions)

  • ICS Security Training for Managers 

Learn more about the program building:


Risk Management : Manage your exposure to Risk

Unlike IT risks, ICS cyber-based risk must be understood in terms of its potential physical impacts on facilities and equipment, operational reliability, employee safety, the environment, and product quality.

While these newer digital technologies provide many benefits to organizations, they can also inadvertently create exposures to cybersecurity risk, which in turn, if not properly identified and mitigated, could compromise the safety, integrity and reliability of your operations. It makes sense, then, that organizations are increasingly incorporating cyber risk evaluations into their design, engineering, testing and commissioning activities.



A Proven Method to Assess and Prioritize ICS Cybersecurity Risk to Operations



Test the Effectiveness of Your Controls 


  • Cyber Factory Acceptance Testing: Ensure the system is secure and free from known vulnerabilities before it leaves the factory.

  • Cyber Site Acceptance Testing: Ensure the system is secure and free from known vulnerabilities before it is commissioned.

  • Penetration Testing: environment, identify system vulnerabilities and test if they can be exploited.


Security Implementation : Mitigate system vulnerabilities

The convergence of information technology (IT) and operational technology (OT), combined with the inter-connectedness of modern industrial operations, has created vast business value, but it has also created vast risk to operations and safety.

Undiscovered or unmitigated vulnerabilities can increase your attack surface. Network misconfigurations can cause unexpected downtimes. By adapting well-known vulnerability-management practices (such as aeCyberPatch™ patch management) or creating brand-new network optimization tools (such as aePCNOptimize™ network misconfiguration analysis), aeSolutions has developed tools, techniques and templates to help you segment and harden your networks, systems and accounts. We can help you to systematically identify, prioritize and mitigate your critical vulnerabilities and effectively reduce your attack surface to thwart would-be attackers.



Optimize and Harden

Your OT Endpoints



Security Operations : Establish resiliency

No one can create perfect security; in fact, experts agree that you should assume you will be breached. Therefore ‘protection’ is not enough – you must become ‘cyber resilient’ by mastering the practice of Security Operations: Rapid Detection, Effective Incident Response and Efficient System Recovery.

Security Operations Practices. aeSolutions has developed tools, techniques and templates to assist our customers to develop their Asset Management and Vulnerability Management practices, create and validate their Incident Response Plans, and assist with evaluating options to establish and staff a Security Operations Center (internal/MSSP/hybrid).

Security Operations Lab. Customers are encouraged to visit our Houston offices where we have established an ICS equipment/product testing lab. In addition to the ability to evaluate and test ICS IT and OT equipment, we have strategic relationships with several vendors of ICS Anomaly Detection products, and we can assist customers with hands-on product-comparison evaluations.



Monitor Your ICS