Building a Secure OT Network | SANS ICS Concepts

preview_player
Показать описание
In this concept overview, we are joined by Don Brown Associate Director of Cyber Security at Verista. Don is here to discuss his experiences deploying a security OT network architectures. He walks us through a presentation that outlines his approach to achieving good zones and conduits to implement a reliable and secure operating environment.

If you enjoy this video, and the topics we cover in the SANS ICS concept overviews, be sure to like and subscribe to this channel. Leave a comment if you have a question about this topic or suggestions for future content.

References

Don C Weber's Social Media:

Don Brown's Social Media:

Verista's Social Media:

SANS ICS Training:

  1. SANS ICS Security
  2. SANS Institute
  3. ICS
  4. SANS ICS
  5. SANSICS
  6. Industrial Control Systems
Рекомендации по теме
Building a Secure

Building a Secure OT Network | SANS ICS Concepts

OT Security Career

OT Security Career Path | How to get ready for OT Cybersecurity

Building a Secure

Building a Secure Foundation for Converged IT/OT Systems

ICS/OT Secure Remote

ICS/OT Secure Remote Access

The 'BIG' Difference

The 'BIG' Difference Between IT and OT Networks

What is OT

What is OT | What are OT Cyber Security Challenges | OT Security Solutions | What is ICS and SCADA

The Journey of

The Journey of OT security from OT Zero Trust to XDR

How to Build

How to Build an OT Security with Deep Defense Model by Sinclair Koelemij

Automation Clinic -

Automation Clinic - Supporting IT OT Integration with OPC UA with PLC Schneider M580.

How to Implement

How to Implement Network Segmentation in OT | Verve Industrial

ABB Cyber Security

ABB Cyber Security Reference Architecture – the key to secure OT-IT connections: Principles (2/3)

Webinar: Cybersecurity Best

Webinar: Cybersecurity Best Practices for IT/OT Networks

DOME Building Automation

DOME Building Automation / OT Network Cybersecurity Overview

OT Security Shop

OT Security Shop Talk: The OT Network and FortiGate Integration | Operational Technology

Building An OT

Building An OT Capable SOC

OT Network Architecture

OT Network Architecture | OT Cybersecurity Controls | Introduction to ICS/OT Pentesting

How to Create

How to Create a Comprehensive OT Security Management Program & Technology Stack | Verve Industri...

Securing OT and

Securing OT and Machine Networks - Siemens

How to Build

How to Build a Robust OT Cybersecurity Program | Verve Industrial

OT Cyber Security

OT Cyber Security - Building Secure Architectures

What Do Really

What Do Really Secure OT/ICS Sites do Differently Webinar APAC Recording

The Convergence (and

The Convergence (and Divergence) of IT and OT Cyber Security

Layered Blueprints for

Layered Blueprints for OT Security

OT Networking Fundamentals

OT Networking Fundamentals

Комментарии
Автор

Thank you for this video I am starting my first class in the IT realm and this video is helping me understand things much clearer.

Pirateable
Автор

this is amazing! thank you very much!!

sultanmo
Автор

Don't think he spoke about this but would you split up zones, like manufacturing, into sub-zones (vlans) that were protected by its own VRF to control east/west threat proliferation? Or is there little worry about 1 PLC somehow infecting another manufacturer PLC and instead the worry is a compromised PLC can then reach up to the SCADA server and it can then shut down everything. Just trying to figure out how flat or segmented we should make our networks.

joshuasanders
Автор

Good One, Practical One, Thanks for your time sir. where to get the PPT ?

tejasdrama
Автор

Very informative, and interesting! Thanks, and much appreciated! If I could suggest a similar session on risk assement/ tolerable risk (IEC 62443-3-2) for future vidoes?

akshaypotdar
Автор

This is a good starting point but in fact conduits are just firewall rules and you may need to enhance the OOTB capabilities of NGFW with extra insights from the likes of Claroty or Nozomi to make the inspection (controls) more accurate and offer a more astute level of detail - even if your FW has OT specific capabilities to recognize the more common protocols like Modbus and Profinet...you may not understand the flows and the involved risk - In terms of compartmentalization - your mileage may vary - some orgs. just isolate part of OT locally (containment of endpoints close to industrial estate) - other more integrated flows may need to be contained in VRF's mapping to zones for transport to datacenter or cloud based IT systems (warehouse management systems or ERP systems) etc. So it's a set of guiding principles and best current practices..to be implemented with respect to snowflake like use cases...

rikherlaar