Addressing the OT SOC Challenges in Industrial Environments
EY's Piotr Ciepiela Discusses Key Challenges in Implementing, Maintaining OT SOCs
OT security operations centers differ significantly from traditional IT SOCs because of the tight integration with physical systems and complexity of production environments, said EY's Piotr Ciepiela.
Unlike traditional IT systems, Ciepiela said, OT environments require around-the-clock monitoring because physical systems such as motors and valves can affect safety and harm people. To address the specific demands of industrial environments, OT systems require specialized tools, knowledge and skill sets tailored to the space given their unique protocols and continuous operation schedules, he said (see: Why Critical Infrastructure Requires Proactive OT Defense).
"In order to set this up in the correct way, you need to know that the production environment works in a 24/7 manner," Ciepiela said. "It has a different set of systems, and also it's complicated. Most of the time, different sites operate in a different manner, whereas in IT, we usually have a centralized approach. So we need to understand that and have a dedicated setup for each and every site."
In this video interview with Information Security Media Group at Black Hat 2024, Ciepiela also discussed:
- The challenges of securing OT environments, including tool and skill requirements;
- The importance of asset visibility in boosting operational technology security;
- Strategies for integrating OT and IT SOCs and the benefits of phased unification.
Ciepiela focuses on areas including OT/IoT, cloud computing, quantum computing and AI. He also specializes in critical infrastructure protection for the European Union and national governments. He is a co-author of several international standards for security and emerging technologies. Ciepiela participates in the creation of international standards and supports governments in critical infrastructure protection.