Why are organizations struggling to get the basics of OT Asset Visibility & Detection right?
Due to increasing awareness and/or Board/Compliance requirements, many organizations conduct a preliminary risk assessment to initiate their OT specific Security program. One of the initial steps is to generate an inventory of OT assets, which used to be a rudimentary spreadsheet exercise. With the wide availability of OT asset discovery tools, many go down that path via a proof of concept/value. Besides inventory, asset visibility, network security monitoring and threat detection are evaluated as part of this process. This talk will focus on technical considerations, lessons learnt and best practices from performing these POC/POV, and covers challenges including availability of infrastructure (span ports/tap, routing, bandwidth), archaic protocol implementations, organizational policies for network flows, risk appetite for active probing on low traffic networks and installing agents on HMIs & EWS, and finally the collaboration required of OT & IT personnel for successful implementations.
Due to a speaker travel issue, this session will be presented remotely
Vivek Ponnada is an OT practitioner with global (14 countries) experience and currently works at Nozomi Networks as a Regional Sales Director. Having started his career in ICS as an Instrumentation Technician, Vivek became a Controls Engineer and commissioned Gas Turbine Controls... Read More →
Wednesday October 26, 2022 3:45pm - 4:30pm EDT
Windsor DE
