Loading…
This event has ended. Visit the official site or create your own event on Sched.
Welcome to the interactive agenda for SecurityWeek’s ICS 2022 ICS Cyber Security Conference. Sessions are being finalized and the final program will include 4 FULL DAYS of content. (View the full conference website here) (You can Register for the IN-PERSON Conference and trainings here and register for virtual/online only access here)
Back To Schedule
Wednesday, October 26 • 9:40am - 10:15am
A PoC Methodology to Choose the ‘Right’ OT Monitoring Tool

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
OT monitoring is one of the essential cybersecurity controls for OT environments. It supports organizations in multiple cybersecurity domains, namely asset management, vulnerability management, and security monitoring. Products within the OT monitoring space have matured immensely over the past few years. These products typically rely on passive network monitoring, and most also utilize some sort of active scanning (although the latter is being masked under different names for marketing purposes). There are multiple vendors in the market, and it is difficult for organizations to select the ‘right’ one.

To devise a repeatable methodology that helps organizations assess the major players in the OT monitoring space, our first step was to create a testbed by means of an OT lab environment. Using different types of devices, including OT, IIoT, and IT, various industrial systems were built to simulate real-life processes. Additionally, the selection of the devices was diversified in terms of technology, vendor, make and model, protocols, and deployment architecture. We then devised a methodology that assesses candidate tools across the following functional areas:
  • IT Asset Detection
  • OT Asset Detection
  • IT Asset Identification
  • OT Asset Identification
  • IT Vulnerability Detection
  • OT Vulnerability Detection
  • Threat Detection
  • User Interface
  • Integrations

Applying a methodology to our testbed environment, over 4 weeks of a PoC, generated interesting and insightful results (as well as questions). The various candidate tools, namely Claroty, CyberVision, Defender for IoT, Nozomi, Tenable.ot, performed to varying degrees, some excelling significantly in certain domains over others. The PoC validated that the methodology used was a practical framework that is customizable for organizations’ needs. Since then, this PoC methodology has been adapted and applied to multiple organizations in various industries.

Join this session as Raphael explains the PoC methodology that helps organizations choose the ‘right’ OT monitoring tool.
Speakers
avatar for Raphael Arakelian

Raphael Arakelian

Manager, OT & IoT Security Team, PwC
Raphael Arakelian is a Manager in the ‘OT & IoT Security Team’ at PwC Canada. He is the national lead of PwC Canada’s ‘OT Monitoring Implementation Services’, where he has conducted PoC evaluations as well as implementations for mid-to-large scale industrial organizations... Read More →

Wednesday October 26, 2022 9:40am - 10:15am EDT
Windsor Ballroom
  Main Stage