Answering the Big Question: Has My OT Been Compromised?
Vložit
- čas přidán 29. 08. 2024
- Determining an OT compromise is crucial in incident response, impacting business continuity, safety, and regulatory compliance. This presentation targets the core challenges in recognizing OT breaches: scarcity of EDR deployment, inadequacies in IDS tuning, skill gaps within OT teams, and overlooked security log and telemetry data. Through case studies from OT IR engagements, I will examine these obstacles to pinpoint common threat actor indicators that signal a confirmed OT compromise. The aim is to equip OT and cybersecurity professionals with the necessary tools and confidence for effective response during OT incidents. Our discourse moves from problem exposition to empowerment, enabling practitioners to navigate OT IR engagements with assurance and strategic foresight.
SANS ICS Security Summit 2024
Answering the Big Question: Has My OT Been Compromised?
Gabriel Agboruche, Cybersecurity Manager (Operational Technologies), Accenture
View upcoming Summits: www.sans.org/u/DuS
