Course overview
According to Gartner, OT security is defined as "the set of practices and technologies used to (a) Protect people, resources, and information, (b) Monitor and/or control devices, processes, and events, and (c) Initiate change within enterprise OT systems." OT security solutions span a wide range of security technologies, from next-generation firewalls to SIEM systems, and deploy different layers of protection.
Historically, OT-specific cybersecurity was not necessary, since OT systems were not connected to the Internet. Therefore, they were not exposed to external threats. As digital innovation initiatives progress, and IT and OT networks converge, companies have tended to deploy standalone tools to address specific issues. These approaches to OT security have resulted in a complex network that no longer shares information or provides the necessary visibility.
Often, IT and OT networks operate separately, resulting in a duplication of security efforts and a lack of transparency in operations. These IT/OT networks cannot track what is happening across the entire attack surface. Because each platform has different security leads within the organization, two separate security teams end up protecting their respective network perimeters.
Within OT, the largest subset is ICS. ICS (Industrial Control System) is a broad term that encompasses both SCADA and DCS.
Prerequisites
- Basic understanding of IT systems (Linux/Windows)
- Basic networking knowledge
- Basic system administration
Features
- Understand ICS components
- Understand the different layers/levels
- Enhance threat handling
Target audience
- Cybersecurity expert
- OT expert in charge of the security
Details
- 21 Sections
- 63 Lessons
- 5 Days
- Overview of ICS (2 lessons)
- Purdue Model (6 lessons)
- IT & ICS Differences (1 lesson)
- Secure Network Architectures for ICS (1 lesson)
- ICS Attack Surface (4 lessons)
- Level 0 and 1 (5 lessons)
- Ethernet and TCP/IP (5 lessons)
- Enforcement Zone Devices (3 lessons)
- Understanding Basic Cryptography (2 lessons)
- Level 2 and 3 (4 lessons)
- Wireless Technologies (3 lessons)
- Wireless Attacks and Defenses (2 lessons)
- Patching ICS Systems (2 lessons)
- Defending IT Systems (4 lessons)
- Endpoint Protection and SIEMs (3 lessons)
- Event Logging and Analysis (2 lessons)
- Internet connectivity (2 lessons)
- ICS Cybersecurity Programs (3 lessons)
- ICS Cybersecurity Policy (3 lessons)
- Measuring Cybersecurity Risk (2 lessons)
- Incident Response (4 lessons)