Doug Wylie, Director, Industrials & Infrastructure Portfolio, SANS Institute

Securing OT Systems Requires Specialized Tools And Approaches

  • CISOs must embrace their leadership role so they can communicate a clear perspective on risks that affect the company, the employees, customers, and the community.
  • Recognize that security is not an absolute state. It must evolve because new risks emerge, threats change, and companies change, as do people and processes.

“In OT environments, you have to use utilities that know where to look, how to look, and can provide that complete view, including considering the operational mode of the system.”

Doug Wylie, director of industrial and infrastructure practice at SANS Institute, recognizes that historically there has been a separation between IT and OT security. “OT security was all about the four walls of the factory, the guards, and the gates,” he says. But software-driven industrial controls are changing that. “As the world becomes more digitally connected inside and outside the factory, there is a blending of OT and IT systems. In many respects, security has given those two domains a reason to start interacting,” he explains.

This is an excerpt from Reducing Industrial Risk. The eBook was generously sponsored by PAS.