))
70: OT Monitoring Tools- A Case Study on How to Choose One- Post Q&A with Raph Arakelian
Manage episode 355951839 series 2892013
Inhalt bereitgestellt von Derek Harp. Alle Podcast-Inhalte, einschließlich Episoden, Grafiken und Podcast-Beschreibungen, werden direkt von Derek Harp oder seinem Podcast-Plattformpartner hochgeladen und bereitgestellt. Wenn Sie glauben, dass jemand Ihr urheberrechtlich geschütztes Werk ohne Ihre Erlaubnis nutzt, können Sie dem hier beschriebenen Verfahren folgen https://de.player.fm/legal.
Raphael Arakelian joins Derek Harp today for a slightly different podcast.
Raphael is currently the Manager of OT and IoT Cybersecurity at PwC Canada. He is a cybersecurity practitioner specializing in Operational Technology (OT), the Internet of Things (IoT), and Industrial Control Systems (ICS).
It has always been challenging for purchasers and end-users to understand how to differentiate between various OT products and determine which tools to select. Raph has developed a methodology for comparing monitoring tools. On the 25th of January this year, he did a CS2AI online show with Derek called OT Monitoring Tools: A Case Study on How to Choose One. It was a popular event, and many questions got submitted. Unfortunately, all the questions could not get answered within the allotted time. So they decided to follow up with a collaborative bonus session to get to the bottom of more of those questions.
In his episode, Raph discusses his systematic methodology for overcoming the challenge that organizations often face when looking at different vendors in the OT security space to select the right tool for a given situation. He also responds to several unanswered questions from the online CS2AI event.
Show highlights:
- Raph shares the idea behind his systematic approach and explains what led him to devise it.
- The nine technical areas that get evaluated with Raph’s methodology.
- The nuances that led Raph to the three candidate vendors with whom he did his proof of concept.
- Raph recaps his methodology, discusses the source of truth data critical for the assessment, and explains what happens if an organization does not have the asset inventory beforehand.
- How to differentiate between IT and OT assets.
- Raph gives a quick explanation of industrial protocols.
- Question: During the proof of concept, was there a concern about connecting the tools and a laptop to an active utility system? Was port mirroring enough to ensure one-way communication?
- How to address devices that are not active on the network.
- Question: “Based on your study, How is Asset Characterization for OT Monitoring Tools it seems that there could be a lot of manual edits needed to fix mischaracterization.”
- Raph shares his thoughts on the following: “For most tools, it seems that CDE detection and remediation guidance has a shotgun approach without regard to the hardware on which the CDE is found.”
- Instances in which vendors will be willing to update their products.
- Why Raph believes OT monitoring tools are helpful.
Links and resources:
Sign up here to become a member of our on-demand library.
Raphael Arakelian on LinkedIn
114 Episoden
Teilen
