PAS: Leveraging IT/OT – Convergence and Developing Effective OT Cybersecurity

The book includes insights from the following experts:

• Elewa Ali, Senior Control System Engineer, SABIC, Recommendations For Building A Comprehensive ICS Cybersecurity Program >>
• Michael Jacobs, Principal ICS Security Architect, Saudi Aramco, OT Security Begins With People, Understanding The Environment, And Selecting The Right Controls >>
• Luiz Cançado, Industrial Control Systems and Cyber Security Engineer, Shell, OT Cybersecurity Requires Total Business Buy-In >>

Kaspersky Lab’s discovery of Stuxnet in 2010 turned the industrial world on its head. As the first known instance of malicious code specifically designed to seek out and interfere with industrial operations, Stuxnet was a serious wakeup call for OT operators, especially those in much of the world’s critical infrastructure.

So how has the OT/ICS community responded to the new reality of OT cyber risk? With generous support from PAS, we asked 20 OT security professionals the following question:

What are the top three pieces of advice you would give a CISO to make the plant OT/ICS environment more secure from cyber attacks?

For OT and IT security people, this is something of a loaded question, largely because OT cybersecurity is still very much a work in progress. For instance, although many contributors stressed the importance of knowing your environment, that in itself is a big challenge that varies from industry to industry and plant to plant. “Asset knowledge” also means different things to different people.

The essays in this eBook provide a wealth of information and present an inside look at an aspect of cybersecurity that is still not well understood. I am certain that anyone responsible for critical industrial operations will benefit from the advice and experiences of those who have contributed to this eBook.