Secure Operations Technology

  • Conference Program
  • Cybersecurity
  • April 9, 2019
  • 11:10 am - 11:55 am

IT-SEC teaches us to “protect the information.” The goal of SEC-OT is not to protect the information, but to protect physical industrial operations from the information, more specifically from cyber attacks that may be embedded in information. After all – all cyber attacks are information. Secure Operations Technology is a perspective, a methodology and a set of best practices documented in this author’s new book. The book describes what thoroughly-secured industrial sites actually do. What they do is different from what most industrial sites do.
For example: most SEC-OT sites define a single control-critical network composed of one or more conventional industrial control system networks. SEC-OT sites carefully inventory all offline and online flows of information into that critical network. Since all attacks are information, a comprehensive inventory of information flows is also a comprehensive inventory of attack vectors. Secure sites then set about systematically blocking or strictly controlling all of these information/attack flows.
This presentation summarizes the SEC-OT methodology and best practices. A limited number of complementary copies of the new book will be available to attendees.