Protection of Industrial Control System/Operational Technology
Protection of Industrial Control System/Operational Technology- ICS/OT is dynamically growing area of security. It is given by the importance of those systems – whether it is part of critical infrastructure or manufacturing facility. Concurrently there is significant security deficit from the past. Combination of increased importance and relatively decreased security leads to more significant and dangerous impacts.
Aim is to introduce threats, vulnerabilities and impacts specific to ICS/OT environment and look into more details within one specific area. The specific area of focus cornerstone of any OT security – overview of its (ICS/OT) assets. The initial premise is that I cannot protect something I am unaware of. Operational and security teams are too often in the situation when they are unable to say if the assets/environment (for which they are responsible) is safe or in danger (e.g. cyber attack in the similar industry).
We look and compare cases when asset management is done maually vs. when it is done in (semi)automated way. Additionally we look at possibilities of vulnerability detection, anomaly detection, intruders detection. Last but not least is intro to related required reporting and auditing options for ICS/OT.
Ondřej Horník is member of Cyber Security Resilience team member in PwC. He has over 5 years of experiences in Risk Management and Information Security. Ondřej is skilled at risk assessments, asset management, security monitoring, business continuity & disaster recovery, supplier management and awareness. His expertise covers IT and ICS/OT (Industrial Control System/ Operational Technology) areas of Cyber Security. He is also interested in IoT/IIoT topic and its security aspects.