This vendor-independent workshop provides IT people an insight about Operational Technology.
Cyber Security is required – this is well understood and accepted, latest after the ransomware WannaCry hits the industry. IT security experts are supporting the OT colleagues to protect Laboratory and automation systems. There is an IT-framework available as governance documentation – but does it apply 1:1 to OT?
What is OT all about, what needs to be protected? The information or the business process supported by the OT-System. IT doesn’t want to protect the desktop as such, it is about the information – so why to protect then the PLC?
The workshop is designed from an engineer to use “IT-Language” to explain the situation to IT departments. The workshop explains the differences between IT and OT, how terminologies and definitions are used different in both worlds – or do even not exist. The attendee will get an comprehensive comparison of definitions, methodologies and principles to allow better management insight into the topic and to get management support to deploy solutions with the right maturity level – and not solutions for the solutions sake.
Delegates will learn and understand:
- Industrial Standards (e.g. IEC 62443) strive for excellence – but what if the environment (people, systems) is innocent or „just” aware of the threats? We have solutions – but what are the problems- or causing the solutions (new) problems?
- Principles to integrate OT into existing IT frameworks for better management support
- What are the threats? Definition of sublevels for a common language to allow interdisciplinary analysis
- Security principles to address the threats: network segmentation, proper backup strategies, malware protection and patch management?
- Secure procedures in IT and OT – what are the differences in terminology and processes (e.g. Configuration Management, Definition of infrastructure)
- Engineering requirementsto „IT-Services” and to understand the information that need to be provided to design them (e.g. RPO / RTO, Organizational Units, WSUS or SCCM?)
- OT System “Scenarios” to address security controls in a language understandable by IT and OT
- IEC 62443 principles- explained from an engineering point of view
- OT Security – what about service integrators, suppliers? How to integrate them into a security framework?
- After attending this workshop you’ll have
- views to standards, security controls, IT security in general from an OT point of view, explained in your language
- have a understanding of the differences IT/OT beyond CIA or AIC
- you have a mechanism to understand threats, what to protect that may allow you to adjust the right investments, convince management
- have a translation from IT terminology to OT terminology
Who Should Attend?
- Automation Engineers & Project Leads involved in security programs to protect OTSystems
- IT people who want to have an more deep insight in the OT environment
Hotel Kreuz, Zeughausgasse 41, 3011 Bern
Non ISSS Members: CHF 950.00 (excl. 7.7 % VAT)
ISSS Members: CHF 850.00 (excl. 7.7 % VAT)
The price includes the workshop, coffee breakes, lunch
Terms & Conditions
- Cancellations between the 30th calendar day and the 7th calendar day before the start of the event: 50% of the costs
- Cancellations 1 to 7 calendar days before the start of the event or in case of no-show, the full costs are to be paid
- The above mentioned costs are waived if a substitute person participates
- The written cancellation becomes legally valid only after ISSS has confirmed it in writing
- If the date of the event is postponed, the same conditions listed above apply
„*“ zeigt erforderliche Felder an