Building and Managing an Integrated IT/OT SOC to Support Heavy Industry presented at ICSCyberSecurityConference 2020

by Nitin Jhunjhunwala

Summary: With numerous plants around the world, a global heavy industry leader is making significant investments in plant digitization as part of its bold Industry 4.0 strategy. These innovations require protecting its connected and digital enterprise from cyber attacks and improving the security posture of its plant automation systems.

A core element of this security upgrade is the setup of an enterprise-wide SOC to provide comprehensive cyber monitoring across the IT and OT landscape, enabling real-time visibility on assets, vulnerabilities and events. The team is helping build and roll out the OT SOC across the organization's plants (including solution architecture, design, deployment, configuration and fine-tuning) while driving SOC operations in an MSS model to deliver 24x7 monitoring and detection and supporting the organization's cyber security team for effective response.

This talk will draw from this ongoing journey to focus on the OT cyber monitoring solution engineering and roll-out process, in particular architecture and design considerations, deployment methodology, dependencies and lessons learnt. We will also cover how operations and incidents are managed across the MSS-driven SOC.

Key takeaways:
- Considerations for OT visibility and monitoring solution design, deployment, and operational readiness.
- Scalable SOC operating model for distributed and converged IT/OT environments.