WEBINAR: IT/OT attack and response simulation

Learn how an attack runs in Fusion SOC and how the team handles it

Date & Time

// ENDED

Where?

Online

Who?

For IT and OT professionals working in industrial environments

Overview:

One strong trend in the changing cybersecurity threat landscape is that adversaries seek to compromise industrial networks. Although most CISOs agree on the importance of protecting the ICS segments of the network, this approach in many cases lacks a clear, holistic defense strategy. In many organizations, there are different maintenance and operations teams for the office IT and the industrial IT, referred to as OT. As a result of this status quo, OT management sometimes decides on cybersecurity independently, or the IT departments follow an air-gap or segmentation strategy.

The SOCWISE expert teams have built and operate several fusion SOCs, which means that both IT and OT security are covered by a respective strategy, containing slightly or dominantly different elements on the people, process, and technology layers. On the people layer, there are mostly similarities: threat awareness and individualized competence development for each specific role is the way to follow. On the process layer, the difference is more significant because the priorities differ: safety comes first, closely followed by continuity of production. There is only limited flexibility within OT processes, but on the other hand, their complexity might be lower. On the technology layer, there are both similarities and differences. The similarity comes from the leading trend of production digitalization, which results in similar technologies growing (server-client infrastructures, cloud, IoT, machine learning, digital twin, etc.). Still, the non-intrusive nature of security tools is a must, and because industrial network communication protocols are in use, another portfolio of sensors and perimeter security instruments is necessary.

What is Fusion SOC?

Fusion SOC is the security operations organization that is responsible for detection and response across both IT and OT networks.

What are the benefits of a Fusion SOC?

∙ Maximum visibility over suspicious activities
∙ Cost efficiency
∙ Very fast response
∙ Transparency by following the same policies

Learn how an attack runs in Fusion SOC and how the team handles it!

The following technologies are leveraged for the demo:

∙ NetWitness SIEM-XDR
∙ Palo Alto xSOAR
∙ Trend Micro Edge IPS and OT Defense console
∙ SCADAfence passive OT network security monitoring
∙ Siemens PLC, HMI

About presenters:

Gergely Lesku

Gergely has 20 years’ experience in the IT-OT system integration area, including but not limited to cybersecurity operations. His added value lies mostly in understanding operational performance and finding the most effective solution design. Gergely is certified in OT security consulting, which is based on the experience of leading several Industry 4.0 and smart city projects.

Peter Hunyadi

My name is Peter, I’m from Hungary and working for EURO ONE. As a security professional focused on ICS/OT security, I’m mostly interested in critical infrastructure protection and any cyber-physical aspects of cyber threats.

Gabor Szabo

Gabor Szabo held leadership roles at global Financial, Commerce and Oil & Gas organizations in the fields of Cyber Security Operations, Management and Engineering. Utilizing 15+ years of experience in defense architecture design and incident response, Gábor is focused on the development of IT and ICS SOCs.

Don't miss this exciting event, register!