OT security researcher Ben Book takes an unapologetic view on the state of OT security in manufacturing. He doesn’t blame anybody but provides a clear analysis of business dynamics and offers what many lack when talking OT security solutions: the right questions.
Keywords Manufacturing, OT security, MSSP, maturity level, skills shortage, buzzwords, zero trust, IT/OT convergence
Sound Bites The small, medium enterprises don't have the resources and tools to mature as much as they would like to, and the large enterprises just can't move as fast as they want to.
OT security is just a massive gap, and it's so critical to any infrastructure across the globe. The opportunity is so large to modernize, but it's so large it's so hard to tackle.
Manufacturing organizations are some of the highest attacked verticals because they have no security.
We work with a lot of organizations that are very large organizations that are just not modern.
The other good thing about legacy is it's hard to attack. If I – on the floor – can't manage it, how is someone going to get into it?
I wish there was a buzzword you could simply buy and implement. Unfortunately, it doesn't work that way.
Whether big or small, the first step for companies is to understand what you actually have and how it is connected.
There’s no one-size-fits all strategy. Some want to DIY, some want to work with vendors, others with MSSPs. It depends on your staff, skills and strategic priorities.
OT security service are key for small teams and fast implementation.
Chapters 00:00 Introduction
00:35 About the OT security maturity levels of companies
03:48 Why OT security is moving slow in manufacturing
08:50 How vendors could make profit with integrated OT security offerings
11:59 Stop the buzzword war
14:00 First steps in OT security for a medium-sized manufacturer
17:00 How to face the challenge of skills shortage
19:21 Platform solutions vs combined product / service offerings
