“OT for IT” Workshop Bern

“OT for IT” Workshop Bern

Zurück zur Übersicht
Lade Veranstaltungen

This vendor-independent workshop provides IT people an insight about Operational Technology.

Cyber Security is required – this is well understood and accepted, latest after the ransomware WannaCry hits the industry. IT security experts are supporting the OT colleagues to protect Laboratory and automation systems. There is an IT-framework available as governance documentation – but does it apply 1:1 to OT?

What is OT all about, what needs to be protected? The information or the business process supported by the OT-System. IT doesn’t want to protect the desktop as such, it is about the information – so why to protect then the PLC?

The workshop is designed from an engineer to use “IT-Language” to explain the situation to IT departments. The workshop explains the differences between IT and OT, how terminologies and definitions are used different in both worlds – or do even not exist. The attendee will get an comprehensive comparison of definitions, methodologies and principles to allow better management insight into the topic and to get management support to deploy solutions with the right maturity level – and not solutions for the solutions sake.

Delegates will learn and understand:

  • Industrial Standards (e.g. IEC 62443) strive for excellence – but what if the environment (people, systems) is innocent or „just” aware of the threats? We have solutions – but what are the problems- or causing the solutions (new) problems?
  • Principles to integrate OT into existing IT frameworks for better management support
  • What are the threats? Definition of sublevels for a common language to allow interdisciplinary analysis
  • Security principles to address the threats: network segmentation, proper backup strategies, malware protection and patch management?
  • Secure procedures in IT and OT – what are the differences in terminology and processes (e.g. Configuration Management, Definition of infrastructure)
  • Engineering requirementsto „IT-Services” and to understand the information that need to be provided to design them (e.g. RPO / RTO, Organizational Units, WSUS or SCCM?)
  • OT System “Scenarios” to address security controls in a language understandable by IT and OT
  • IEC 62443 principles- explained from an engineering point of view
  • OT Security – what about service integrators, suppliers? How to integrate them into a security framework?

Takeaways

  • After attending this workshop you’ll have
  • views to standards, security controls, IT security in general from an OT point of view, explained in your language
  • have a understanding of the differences IT/OT beyond CIA or AIC
  • you have a mechanism to understand threats, what to protect that may allow you to adjust the right investments, convince management
  • have a translation from IT terminology to OT terminology

Who Should Attend?

  • Automation Engineers & Project Leads involved in security programs to protect OTSystems
  • IT people who want to have an more deep insight in the OT environment

Location

Hotel Kreuz, Zeughausgasse 41, 3011 Bern

Participation Fee

Non ISSS Members: CHF 950.00 (excl. 7.7 % VAT)

ISSS Members: CHF 850.00 (excl. 7.7 % VAT)

The price includes the workshop, coffee breakes, lunch

Terms & Conditions

  • Cancellations between the 30th calendar day and the 7th calendar day before the start of the event: 50% of the costs
  • Cancellations 1 to 7 calendar days before the start of the event or in case of no-show, the full costs are to be paid
  • The above mentioned costs are waived if a substitute person participates
  • The written cancellation becomes legally valid only after ISSS has confirmed it in writing
  • If the date of the event is postponed, the same conditions listed above apply

 

Registration

*“ zeigt erforderliche Felder an

Name*
Terms & Conditions*

 

Referenten

Thomas Sturm

I’m a Senior Technical Expert with a strong background in automation in the pharmaceuticals and chemical industry. I have a strong experience with Process Control Systems (Emerson DeltaV), PLCs, Computer System Validation (CSV), SCADA, Data Integrity, Serialization.
I’m passionate about OT Security – coming from a solid „hands-on“ automation background I‘m being able to translate IT-Security controls to the OT environment. I have demonstrated project panagement skills as discipline lead or project lead in several projects.

Anmeldung

Nach oben