For cybersecurity teams and engineers
The Security Engineering Tool (SET) unites cybersecurity and engineering—enabling your team to integrate engineering expertise into cybersecurity risk assessments. Focus on safeguarding your plant, processes, and business while meeting compliance requirements like NIS-2 and CRA effortlessly.
Contact an expert
1. Risk assessments are lost in the noise of technical cyber details, neglecting the bigger picture: protecting your plant, processes, and business outcomes.
2. For the bigger picture, engineering knowledge is needed—but it is too often locked away in engineers' minds—and thus inaccessible to your team.
3. You are wasting valuable time and money while chasing every 'best practice'—instead of targeting those actions that really matter and lower your cybersecurity risk.
What happens if you do not address this?
Failing to act means your team risks getting bogged down in ineffective practices, wasting time and resources while leaving your plant and processes vulnerable to the real-world risks that matter.
SET bridges the gap between cybersecurity and engineering, allowing engineers to contribute their expertise without additional complexity.
It empowers your team to focus on real-world impacts, ensuring security and operational efficiency while streamlining compliance with IT and OT standards.
By uniting IT and OT challenges, SET delivers actionable risk analysis, and enables you to confidently meet auditor and stakeholder expectations.
Contact an expert„I have seen Sarah and her team in action and I can confirm that these processes work wonders. highly recommended.”
Mitchell Impey
Former ICS Security Manager, Norlys
„Until recently, our IT department didn't have the confidence to work on our devices and I didn't know how to explain the context to the admins in a way they could understand. Security aspects often went unnoticed as a result. With the support of the admeritia team, I finally found a clear language to connect IT and OT. Thanks to their comprehensible presentation of network models and functions, our IT is now actively involved. Collaboration is noticeably more efficient and we are implementing meaningful measures together - something I previously thought was impossible.”
Process Control Engineer
Chemical Company
„Risk analyses used to feel like endless, pointless spreadsheet work. I filled out Excel lists without understanding what use they had. With SET and the support of the team, this has changed. The risks are now clearly structured and prioritized, and every measure makes sense. Instead of filling tables, we work along the functions of our plant. I can finally see how the risk analyses really contribute to improving our plant safety - a real relief and time saver.”
OT Security Manager
Operator of Critical Infrastructures
„Previous consultants worked rigidly according to checklists without really understanding our plants. Their recommendations were mostly unrealistic and impossible to implement. With Sarah and her team, it was different: they took a close look at our systems and processes to develop realistic, reasonable security measures. The recommendations were clearly prioritized, so we knew where to start. For the first time, I felt like I was working with experts who really understood us and offered actionable solutions.”
Operation Manager
Operator of Critical Infrastructures and Incident Operations
SET features cyber decision diagrams—a scientifically proven method that simplifies complex technology, making it easy for engineers to provide valuable insights without additional training.
The workflow revolves around system functions which ensures the real-world focus and declutters the risk assessment.
It enables engineers to contribute critical system and process knowledge, so that the cybersecurity team can design, deploy, and maintain effective OT security programs that address risks without disrupting operations—engineering informed cybersecurity.
SET guides you efficiently through a proven and tested OT cybersecurity risk assessment workflow, even if you have never done a risk assessment before.
Its built-in libraries and automation eliminate the time-consuming burden of starting from scratch, significantly reducing data entry.
By leveraging expert knowledge and standardized OT security blueprints from hundreds of similar assessments, SET ensures you can confidently make your cybersecurity decisions and apply engineering expertise effectively.
SET simplifies compliance by providing clear, self-explanatory cyber decision diagrams and comprehensive evidence of your cybersecurity risk assessments.
With its function-based methodology, you confidently demonstrate your understanding of technology and meet regulatory standards like NIS-2, CRA, ISO 27001, and ISA/IEC 62443.
Impress authorities and stakeholders with reports that are compliant and easy to understand—delivered at the push of a button.
Determine the high-consequence events you must avoid to protect your plant, processes, and business. Efficiently involve engineers and management as a reality check to ensure assessments focus on what truly matters.
Use our scientifically approved cyber decision diagrams to map your system functions and architecture, making it easy for engineers to contribute knowledge and for non-technical staff to understand. With built-in libraries, you’ll never start with a blank page.
Systematically identify system functions that pose the greatest real-world risk, helping your team allocate resources effectively and avoid unnecessarily bloating your risk assessment.
For your critical functions, create and assess specific risk scenarios and document the requirements that matter for mitigating them. SET’s libraries offer all relevant standards like ISO/IEC 27001, ISA/IEC 62443, the NIST Cybersecurity Framework, and several industry-specific standards, ensuring regulatory alignment.
Provide clear, audit-ready reports that showcase your risk assessments and compliance efforts—whether for NIS-2, CRA, or industry standards. SET delivers proven and tested, audit-ready documentation that impresses authorities and auditors—all at the push of a button.
Since 2004, admeritia specializes in providing cybersecurity solutions for industrial sectors and critical infrastructure. With a team of experienced engineers and cybersecurity experts, we have guided 760+ companies across diverse sectors toward clear, pragmatic cybersecurity solutions and compliance with regulatory standards.
SET represents the culmination of more than 20 years of industry practice, government-funded research, and active contributions to global standardization efforts, including ISO/IEC 27001 and ISA/IEC 62443.
SET is a cost-efficient tool for performing consistent cybersecurity risk assessments. It enables engineers to share critical system and process knowledge with cybersecurity teams, ensuring compliance with regulatory standards and focusing on real-world risks.
Absolutely. SET stays up-to-date with evolving standards and regulations, and we don’t just monitor them—we help shape them.
SET is designed for OT cybersecurity teams and engineers working together. It helps engineers contribute their operational expertise while ensuring cybersecurity teams manage compliance and risk effectively—all without overburdening anyone.
Yes, SET features a step-by-step guided workflow that simplifies the risk assessment process, making it faster, easier, and more consistent—even for those new to risk assessments.
SET saves engineers and cybersecurity teams time with automation and libraries, simplifying data entry and reducing repetitive tasks. This ensures assessments are efficient without adding unnecessary work to engineers' plates.
Yes, SET includes built-in compliance evidence capabilities, ensuring adherence to regulations like NIS-2, CRA, ISO 27001, and ISA/IEC 62443, while delivering reports that auditors and stakeholders can easily understand.
SET provides intuitive charts and graphs for comparing OT cyber risks across multiple sites. Drill-down capabilities offer detailed insights into individual site risks, empowering management with a clear overview.
SET offers a cost-effective, scalable alternative to external consultants. It empowers in-house teams to maintain control, ensures compliance, and delivers consistent results without ongoing dependency on outside expertise. That said, if you do prefer some consulting to get your risk assessments up to speed, admeritia -- the consulting company that created SET -- is happy to help, click here.
SET focuses on engineer-driven assessments and actionable insights tailored to your specific sites. Unlike generic solutions that rely on high-level scoring, SET ensures real-world relevance and accuracy.
SET saves time and resources through automation, pre-built libraries, and a streamlined workflow. This efficiency enables faster, more accurate assessments while reducing costs associated with manual processes or external support.
Cyber-informed engineering is a great concept, but it implies that engineers shoulder the cybersecurity burden. With our small twist to “engineering-informed cyber”, the emphasis is on the core point: That engineers’ knowledge is used for cybersecurity assessments. No matter who actually does them.
SET is available both as Software as a Service (SaaS) and On-Premise. The functionality of both versions is identical. You can choose which option best suits your needs.
SET is a web application that runs in your browser—it does not need access to any of your critical systems. SET doesn’t scan any assets and doesn’t need any agents. All we do is scan your engineers’ brains ;)
The cyber decision diagrams, a core concept behind SET, has been developed in a three-year government-funded research project on security by design. Its benefits have been validated in real projects at two large companies (chemical sector, component manufacturer). Dive deeper into the results at https://openhsu.ub.hsu-hh.de/entities/publication/16760.