Welcome to the Interactive Agenda for SecurityWeek’s 2020 ICS Cyber Security Conference! (View the full conference website and register for the conference here)

Back To Schedule
Wednesday, October 21 • 11:15am - 12:00pm
IT vs. OT: Comparing Process Control Room and SOC Operations

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Partially because the industry is now exposed to security threats such as external connectivity to the Internet and the use of standard hardware and software, from which it was historically isolated. And partially because the potential impact of attacks on critical infrastructures and societal wellbeing can no longer be ignored. Meanwhile, many IT security experts are getting involved in the protection of industrial control systems against cyber-threats, including the establishment of consolidated IT-OT SOCs. However, the harmonization of modern IT security approaches and the traditional process control culture is far from reality. The purpose of this presentation is twofold. Firstly, to help IT security experts understand the specifics of OT environments as well as the associated vocabulary and mindset. Secondly, to address the challenges of monitoring and reacting to ICS threats by the means of established IT SOC procedures.

Using the example of monitoring functions of IT infrastructure and industrial processes, as well as two seemingly very dissimilar job functions such as SOC Analyst (IT) and Control Center Operator (OT), it will be shown that both job functions are in essence very similar and offer cross-learning opportunities. We will highlight the similarities and peculiarities of two fields in key areas such as vocabulary, types of anomalies/events/threats, SIEM vs. HMI applications, alarm configuration and management, anomaly detection, event logging, and others. We will also show that consolidated IT-OT SOC may require special considerations and Standard Operating Procedures (SOP) to accommodate response time expected in the OT domain.

It is hoped that after this presentation, IT security experts will have a much better understanding of daily OT operations and the associated ecosystem, and get one step closer to achieving much discussed "IT-OT Convergence".

avatar for Marina Krotofil

Marina Krotofil

Cyber Security Professional
Marina Krotofil is a cyber security professional with a decade of hands-on experiences in advanced methods for securing Industrial Control Systems (ICS). She is also an experienced Red/Blue Teamer who contributed research on novel attack vectors, exploitation techniques and design... Read More →

Wednesday October 21, 2020 11:15am - 12:00pm EDT
Main Stage