$ PolyEnergia IT/OT Cybersecurity Strategy (French Project)

PolyEnergia is a fictional industrial organization used to explore how cybersecurity strategy can be built for a mixed IT and OT environment. The scenario focuses on a polymer production site with internal cogeneration, business-critical flows, industrial constraints and external dependencies that directly affect operational resilience. The analysis starts with the organization itself: key processes, sensitive assets, IT and OT systems, supplier access, production dependencies and critical data flows. From there, the work connects technical exposure to business impact, including ransomware with OT rebound, supplier account compromise, recipe alteration, SCADA cogeneration disruption and leakage of formulas or quality data. The strategy turns those risks into practical governance and security decisions. It covers IEC 62443-inspired zones and conduits, bastion and MFA for remote access, OT change logging, supplier security clauses, vulnerability monitoring, Information Systems Security Policy, Business Continuity and Disaster Recovery planning, crisis exercises, awareness actions, budget framing and KPI-based steering. The project was originally completed in French. English equivalents are used here for the main governance terms so the case study remains easier to read for an international cybersecurity audience.