Operational Technology (OT) Security

Combined Session
Thursday, November 11, 2021 12:00—13:00
Location: Historic Kassenhalle

Detection, Deception, and Response - The Role of NDR and DDP in Securing OT and ICS

Operational technology and industrial control environments sometimes lack visibility into the unique threats they face. Many ICS and IIoT devices cannot run endpoint security software. Network Detection & Response (NDR) tools operate at the network level, with the ability to examine traffic on all network segments if properly deployed. Different vendor products in this space provide coverage for a variety of OT/ICS protocols, giving insight into possible malicious activities in those settings, and the means to mitigate attacks. Distributed Deception Platforms (DDPs) are leading-edge solutions that can mimic Enterprise IT and OT/ICS devices, sensors, and networks. The motivation here is to draw would-be attackers into the fake environment, away from production assets, and learn the Tactics, Techniques, and Procedures (TTPs) that they use. Each solution in this market is somewhat different in terms of its ability to emulate OT/ICS assets, and in how it is managed. DDPs can provide tailored cyber threat intelligence to customers to help thwart adversaries.

John Tolbert
Background: John Tolbert is a Lead Analyst and Managing Director of KuppingerCole, Inc (US). As Lead Analyst, John covers a number of different research areas, outlined below. John also advises...

Using AI to Precisely Detect Anomalies in the OT Process

Artificial Intelligence and machine learning techniques are vital to automating the detection and analysis of cybersecurity and OT system incidents. However, a full understanding of the process being monitored, including its communications and assets, is needed to avoid deluging security teams with anomalous events. This session looks at how AI can be used to precisely identify anomalies in the OT process indicative of equipment failure, a cyberattack or a system problem. A combination of process parameter deviation information, and rules that detect specific data and events from a stream of network traffic, make for a powerful threat hunting tool.

Chris Grove
Nozomi Networks
Chris brings more than 25 years of cybersecurity experience with deep knowledge of IT, OT and IoT networks and mission-critical infrastructure. His prior experience includes managing large,...

OT Security - The Weak Point Is the Periphery

Most successful attacks against production environments don't reach into the actual industrial systems. They destroy the availability of the associated communication and database servers. The vulnerability of these servers should be given the highest attention by those responsible for security.

Dr. Johannes Wiele
Jungheinrich AG
Dr. Johannes Wiele works as Manager OT-Security for Jungheinrich AG in Germany. After having studied philosophy and political science at the University of Münster, he stepped into...

