Evénement externe – 22 mars 2023 à Bern, « OT for IT”
Externe - 22/03/2023
This vendor-independent workshop provides IT people an insight about Operational Technology.
Cyber Security is required – this is well understood and accepted, latest after the ransomware WannaCry hits the industry. IT security experts are supporting the OT colleagues to protect Laboratory and automation systems. There is an IT-framework available as governance documentation – but does it apply 1:1 to OT?
What is OT all about, what needs to be protected? The information or the business process supported by the OT-System. IT doesn’t want to protect the desktop as such, it is about the information – so why to protect then the PLC?
The workshop is designed from an engineer to use “IT-Language” to explain the situation to IT departments. The workshop explains the differences between IT and OT, how terminologies and definitions are used different in both worlds – or do even not exist. The attendee will get an comprehensive comparison of definitions, methodologies and principles to allow better management insight into the topic and to get management support to deploy solutions with the right maturity level – and not solutions for the solutions sake.
Delegates will learn and understand:
Industrial Standards (e.g. IEC 62443) strive for excellence – but what if the environment (people, systems) is innocent or „just” aware of the threats? We have solutions – but what are the problems- or causing the solutions (new) problems?
Principles to integrate OT into existing IT frameworks for better management support
What are the threats? Definition of sublevels for a common language to allow interdisciplinary analysis
Security principles to address the threats: network segmentation, proper backup strategies, malware protection and patch management?
Secure procedures in IT and OT – what are the differences in terminology and processes (e.g. Configuration Management, Definition of infrastructure)
Engineering requirementsto „IT-Services” and to understand the information that need to be provided to design them (e.g. RPO / RTO, Organizational Units, WSUS or SCCM?)
OT System “Scenarios” to address security controls in a language understandable by IT and OT
IEC 62443 principles- explained from an engineering point of view
OT Security – what about service integrators, suppliers? How to integrate them into a security framework?
After attending this workshop you’ll have
views to standards, security controls, IT security in general from an OT point of view, explained in your language
have a understanding of the differences IT/OT beyond CIA or AIC
you have a mechanism to understand threats, what to protect that may allow you to adjust the right investments, convince management
have a translation from IT terminology to OT terminology
Who Should Attend?
Automation Engineers & Project Leads involved in security programs to protect OTSystems
IT people who want to have an more deep insight in the OT environment
Hotel Kreuz, Zeughausgasse 41, 3011 Bern
Non ISSS Members: CHF 950.00 (excl. 7.7 % VAT)
ISSS Members: CHF 850.00 (excl. 7.7 % VAT)
The price includes the workshop, coffee breakes, lunch