Presented by NebraskaCERT
Industrial Controls Systems are increasingly vulnerable to attack. Organizational budgets don’t always allow for the full replacement of operational technology (OT) or building automation management (BAM) equipment that was initially purchased on a longer lifecycle than most typical IT purchases. Security is becoming paramount to ensuring access to critical systems and information and continues to be an exploitable risk in organizations, even during a pandemic, due to ransomware, phishing, and poor asset management techniques. Strategic security that is aligned with your organization needs to be balanced with the budget, risk, and organizational culture.
How do organizations implement critical security controls while still supporting the goals of production, user experience, and efficiency? When buildings are designed and built, and the building administration systems are put into place, how does this impact the risk of healthcare, manufacturing, or financial organization? Are those systems part of the cybersecurity risk analysis?
During this presentation, attendees will review best practices on both sides of the ICS security and IT security continuum. In addition, a simple approach that focuses on the fundamentals of security to reduce risk in these environments is presented. Attendees will walk away from this workshop with actionable knowledge on how to facilitate the conversation as to how OT/BAM security and IT security must work together to align risk with cost in most environments.
Presenter: Matt Morton • Board Member for NebraskaCERT