0      0

(ISC)2 Security Congress 2022

2101787 - Cybersecurity and risk in OT as convergence accelerates in a changing world

Oct 11, 2022 4:15pm ‐ Oct 11, 2022 5:15pm


Cybersecurity professionals are increasingly involved in analyzing the risk and security of Operational Technology (OT) and Industrial Control Systems (ICS). The OT and ICS context adds concerns over safety and reliability, and an increased focus on availability. The historical separation of OT and ICS from traditional IT leaves many questioning how to approach risk and developing security patterns and processes. The separation is blurred as more work employees from anywhere. This session addresses the business drivers for OT and ICS systems, a technical look at their function, and differences in developing a security solution. Technical discussion will explore micro-segmentation, zero trust defense, secure access zones, and passive and active monitoring. Two case studies demonstrate methods for risk analysis and architecting a solution to secure OT systems.

Learning Objectives:
  • Understand the business drivers involved in OT/ICS systems, including safety, and increased reliability and availability. Gain a knowledge of the historical separation of OT and IT and how this has become blurred. Understand the differences needed to secure OT/ICS.
  • Communicate business context, cybersecurity threats and solutions to bridge the gap between top business leaders, production level workers, OT/ICS and IT staff, and audit and risk teams. Learn how to develop a solution that brings these teams together.
  • Apply the principles from two case studies to incorporate zero trust defense, secure access zones, microsegmentation into cybersecurity solution architecture for OT/ICS. Learn how to integrate OT monitoring into IT cybersecurity SOC and CERT processes. Understand the approach needed design secure OT/ICS environments.


You must be logged in and own this session in order to post comments.