(CS)²AI REPLAY: Why Organizations Struggle to get OT Visibility & Detection Right

Tales From the Trenches – Why Organizations Struggle to get OT Visibility & Detection Right
Whether it’s due to increasing awareness or to Board/Compliance requirements, most OT Security programs start with a preliminary risk assessment. One of the initial steps is to get a list of OT assets, which used to be a rudimentary spreadsheet exercise. With the wide availability of passive OT asset discovery tools, many organizations now go down that path, running a Proof of Concept to generate an asset inventory.
This talk focused on lessons learnt from the trenches while performing these proofs of concept. It covered challenges including availability of infrastructure (SPAN ports/taps, routing, bandwidth), archaic protocol implementations, organizational policies for network flows, risk appetite for active probing on low-traffic networks, OT and IT personnel's knowledge of each other’s domains, and finally budgeting.