Presented by Jack Marsal, Senior Director, Product Marketing at Armis
The typical ICS environment is no longer the impregnable air-gapped network that it once was. It has been connected to the enterprise network, to the Internet, and to business partners who provide remote support. So while the traditional Purdue reference architecture is still “the” model, in most real-world environments it has lost its integrity. Attackers can find their way into your OT environment through new connected devices and converging networks.
To address this problem, enterprises need a comprehensive security approach that secures both IT and ICS environments. Such a platform needs to be able to:
- Generate a comprehensive inventory of all connected devices (OT & IT)
- Identify risks associated with every device
- Monitor the behavior and communication patterns of every device
- Identify policy violations such as deviations from the Purdue reference architecture
- Detect attack techniques such as those listed in the MITRE ATT&CK model
- Take automated actions to thwart attackers
This presentation will discuss practical approaches to achieving these goals including what to look for from security vendors.