Sovereign · Sector-aware · Always on

Sovereign incident response for the systems Australia runs on.

OT, IoT, and ICS incident response for energy, utilities, and transport operators — Australian-owned, onshore, 24/7.

Engage xCIRT Services
Services

Incident response built for the cloud-to-edge path.

Sector-aware playbooks, OT/IoT-native containment, and SOCI-aligned reporting — delivered onshore by Australian responders.

Asset Discovery

Discover, classify, and inventory the IT, OT, and IoT assets across your estate — the foundation every other control rests on.

OT/IoT Incident Response Plan

Sector-aware IR plans that respect the realities of the plant floor — containment, recovery, and reporting designed for OT.

CI Security Assessment

A scoped, sector-aware assessment of your cyber posture across IT, cloud, OT, and IoT — with prioritised remediation.

OT-Aware Incident Response Training

Tabletop exercises and simulations for blended IT/OT incidents — built for operations, engineering, and security to drill together.

Sovereign Cybersecurity Consultation

Strategic advisory for CISOs, risk leads, and boards navigating SOCI, CIRMP, and sovereign cyber decisions.

Sector-Specific Incident Response Playbooks

Battle-tested playbooks for sector-specific incident scenarios — yours to use, updated as the threat landscape moves.
Sectors

The systems Australia runs on.

Energy, water, and gas keep the country running. Ports, rail, and aviation keep it moving. xCIRT defends the cloud-connected OT and IoT estates underneath all of them.

Energy

Generation, transmission, distribution — cloud-connected control systems and DERMS at the heart of the grid.

Water

Treatment plants, pump stations, and IIoT-connected field assets — where a setpoint change has public-health consequences.

Gas

Transmission, distribution, and processing — cloud-connected control of high-consequence assets.

Ports

Terminal-operating systems, cargo-management, and OT on cranes and field assets — where downtime stops trade.

Rail

Signalling-adjacent IT, depot OT, and connected fleet systems — where availability and safety are the same conversation.

Aviation

Ground systems, airport OT, and the cloud-connected platforms supporting aviation operations.
Why xCIRT

Built for Australian critical infrastructure.

Generic IT security firms aren't built for the plant floor. Foreign-headquartered primes can't promise sovereign delivery. xCIRT sits in the gap.

Sovereign by default

Australian-owned, Australian-staffed, onshore-only data handling. Your incident data never leaves the country, and no foreign disclosure regime applies to it.

Two-hour response target

Named on-call engineers under retainer, sector-aware from the first call. We aim to be triaging your incident inside two hours — not three to six.

OT/IoT, not just IT

PLCs, SCADA, RTUs, IIoT gateways, historians — and the cloud workloads they talk to. Responders who understand that taking a controller offline is not a casual decision.

Frameworks & Standards
SOCI Act CIRMP AESCSF IEC 62443 ASD Essential Eight NIST SP 800-82

Latest insights

View all →
2 min read

Sovereign incident response for OT: why it actually matters

Sovereignty in cyber gets used loosely. For a critical-infrastructure operator dealing with an OT incident, here is what it actually changes — and why generic 'cyber sovereignty' marketing misses the point.

sovereigntyincident-responseotsoci

Need an Australian responder, now?

Retainer engagements, scoped pilots, and SOCI-readiness packages. Talk to us about what your critical-infrastructure estate needs.

Engage xCIRT View Services