Ce diaporama a bien été signalé.
Le téléchargement de votre SlideShare est en cours. ×

Executive Perspective Building an OT Security Program from the Top Down

Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Prochain SlideShare
Oep light
Oep light
Chargement dans…3
×

Consultez-les par la suite

1 sur 11 Publicité

Executive Perspective Building an OT Security Program from the Top Down

Télécharger pour lire hors ligne

Designed for executives, this non-technical track addresses key components of a successful OT security program. The discussions are intended to spark conversation and this guide highlights key takeaways on what works, what doesn’t and what’s next. https://accntu.re/3N7KmiZ

Designed for executives, this non-technical track addresses key components of a successful OT security program. The discussions are intended to spark conversation and this guide highlights key takeaways on what works, what doesn’t and what’s next. https://accntu.re/3N7KmiZ

Publicité
Publicité

Plus De Contenu Connexe

Diaporamas pour vous (20)

Similaire à Executive Perspective Building an OT Security Program from the Top Down (20)

Publicité

Plus par accenture (20)

Plus récents (20)

Publicité

Executive Perspective Building an OT Security Program from the Top Down

  1. 1. Building an OT Security Program Executive Perspective
  2. 2. LinkedIn: @Jim Guinn, II | Twitter: @jimmy_guinn Jim Guinn, II Accenture Senior Managing Director Our improvement journeys are all different, but our end goal is the same – achieve operational integrity and cyber resilience. We are honored to have so many senior leaders and cybersecurity OT experts involved with this summit, sharing their experiences and insights to help others achieve the goal. The outpouring of support for this event has been amazing. It demonstrates how important knowledge sharing and community involvement are to moving the needle on industrial cybersecurity. What follows are key takeaways from each session. Bold statements from OT cybersecurity practitioners based on real-world experience advancing programs and tackling the same challenges facing your organization. We all know a lot can go wrong in an OT environment, which can impact health, safety and the environment. The last year has highlighted just how vulnerable our critical infrastructure is to cyber threats. And there's absolutely no question that if any of these attacks are successful, HSE issues can ensue. Cybersecurity can no longer be an afterthought. It must be top of mind, always. As you read through this document and listen to the replays, think about your upcoming projects and operational objectives and consider reframing your discussions to incorporate security. For example: “As we adopt 5G to gain extra bandwidth, how do we do that securely?” “We are planning to increase production securely.” “We need to enhance our operations securely with the use of robotics.” If we just embed the word security in everything we talk about and in everything we do, it then comes to the forefront of our minds. Review this guide. Share the on-demand content. And reach out if you have questions or just need a sounding board. My team is ready to collaborate to advance your program for whatever is next. Cheers, “There’s absolutely no question that if any of these attacks are successful, HSE issues can ensue. Cybersecurity can no longer be an afterthought. It must be top of mind, always.” Jim Guinn, II Copyright © 2022 Accenture. All rights reserved. 2 Watch the summit >
  3. 3. The Cybersecurity Imperative: Why embrace it? Building an OT security program from the top down Designed for executives, this non- technical track addresses key components of a successful OT security program. The discussions are intended to spark conversation and this guide highlights key takeaways on what works, what doesn’t and what’s next. The agenda spans: • organizational structure • vendor selection • OT SOC design • reporting strategy • communication imperatives Session Overview Developing the next industrial cyber workforce Navigating the booming vendor landscape OT SOC Debate: Dedicated vs Integrated How to execute at speed and demonstrate value Communicating risk and reward to the board Automation—In promise, in practice Opening Keynote Operation: Next ‘22 Fundamentals & Structure Innovation & Technology Case Study Project Execution Investment & Risk Closing Keynote Executive Perspective
  4. 4. It’s impossible to have every angle nuanced… Get your four to six critical assets, critical processes really understood and quantify the financial risk.” Bob Dudley “ Muqsit Ashraf Accenture Bob Dudley Former CEO, BP Speakers The Cybersecurity Imperative: Why embrace it? Breaches continue to climb despite billions invested in cybersecurity. Are companies investing in the right security priorities? Bob Dudley provides his thoughts on why it has taken so long for executives to wake up to the challenges and what is needed to make cybersecurity a strategic priority for executives and the board. Key takeaways: • For a long time, cybersecurity was viewed as a technical problem, rather than seen as an operational risk and business continuity concern. • Priorities are changing as breach implications become more significant, including emerging case law that holds boards and executives accountable. Opening Keynote • Boards need to understand the problem, the language and the financial implications to a company. Time to move away from showing the board basic activity dashboards and begin reviewing the critical assets and business processes that are most vulnerable and quantify that risk. • Big wake-up call was when Accenture was able within a few weeks to take over BP’s oil refinery control systems. Immediately created a world-wide task force to update our asset security program. It took time and significant culture change to implement. • Crisis Management exercises helped our executive teams understand the communications process was far more complicated than they expected. Copyright © 2022 Accenture. All rights reserved. 4 Watch the full session on-demand >
  5. 5. We’ve got to begin thinking how do we take people…and prepare them to engineer, design or defend these critical systems.” Sean McBride “ Sean McBride Idaho State University Speakers Developing the next industrial cyber workforce Arguably the most universal OT security challenge is acquiring and retaining talent. Meeting the demand for industrial cybersecurity professionals starts with preparing a future workforce. • Idaho State University (ISU), in partnership with the International Society of Automation Global Cybersecurity Alliance and Idaho National Laboratory, have created a curriculum for industrial cybersecurity. • First draft of Building an Industrial Cybersecurity Workforce is available at inl.gov/icscop Fundamentals & Structure • Guide outlines roles, tasks, knowledge needs, and evidence-based curriculum. • Already being used at ISU and available to high schools, community colleges and others to create career paths for students. • Adopted by Siemens Energy for its Cybersecurity Apprentice Program. • Input is needed from practitioners to further enhance and improve this guide • Join the INDUSTRIAL CYBERSECURITY COMMUNITY OF PRACTICE at inl.gov/icscop Copyright © 2022 Accenture. All rights reserved. 5 Watch the full session on-demand >
  6. 6. The [vendors] that are going to be successful are the ones that have a service element that is difficult for an IT company to replicate.” Dale Peterson “ Bob Ackerman AllegisCyber Capital Dino Boukouris Momentum Cyber Rich Mahler Accenture Dale Peterson S4 Events Speakers Navigating the booming vendor landscape With thousands of new security technologies available (and more being added), where should you invest your money and confidence? It’s been a record year for M&A financing deals in cybersecurity. Many undifferentiated solutions in the market create a lot of noise for those tasked with evaluating vendors. What should you look for? Key takeaways: • Expertise: Look for someone who has OT domain expertise. They will better understand the unique requirements and challenges of this space. • Services: With the shortage of OT security expertise, look for someone who can offer complimentary services to augment your team, e.g., incident response teams. Innovation & Technology • Have realistic expectations. Unlikely any solution will last more than 3-5 years given the aggressive M&A activity. • Understand your future plans. If you have plans to augment or implement newer technologies into your production environment, you might lean towards technologies that converge OT and IT. Copyright © 2022 Accenture. All rights reserved. 6 Watch the full session on-demand >
  7. 7. “The ongoing collaboration between IT and OT is critical—the full integration is optional.” Jason Holcomb James Costello Freeport McMoRan Jason Holcomb Accenture Tony Souza CenterPoint Energy Speakers OT SOC Debate: Dedicated vs Integrated The OT SOC is a culmination of other investments made in an OT program. What is the best SOC build model and how do you get there? Three security experts share their experiences and advice for building an OT SOC. Key takeaways: • If you don’t have monitoring, detection and response functions for your OT environment, you need to start that journey. • Cyber threats towards OT will continue, while regulations are rapidly expanding across OT. Without proper instrumentation, it will be difficult to respond to these demands. • Industrial digital transformation will also continue, which will require IT/OT be integrated. Case Study • Ongoing collaboration between IT/OT is critical. This starts by building trust between the two organizations. • You don’t have to be integrated to be effective, but there are efficiency gains. IT is better positioned to manage firewalls, threat detection, etc. enabling OT to focus on operations. • When selling leadership, focus on the business building capabilities that come with OT security. You can leverage operational visibility to help the business, e.g., run more efficiently, improve performance, etc. • Ways to staff your SOC include recruiting OT business staff to join security, cross training IT & OT staff, internship and apprenticeships. Copyright © 2022 Accenture. All rights reserved. 7 Watch the full session on-demand >
  8. 8. Every single site has its own set of challenges. Establishing a realistic plan that accounts for those nuances, is essential.” Doug Wylie “ Paul Brownlee Accenture Ray Griffiths Accenture Kevin Jackson Accenture Doug Wylie Accenture Speakers How to execute at speed and demonstrate value Companies on the journey to secure hundreds of sites face challenges common across industry and geography. How we balance the speed of progress with the speed of business and the criticality of operations is the key to keeping business operations owners engaged and supported. • Establish a starting point and have a realistic plan that accounts for the many variations across sites. • Understand your critical threats and actual risks and focus on those to protect your company. • Board level understanding is still incomplete. Using adverse simulations can be a powerful way to demonstrate to executives how a proposed investment can reduce risk. • When expressing value, use language that resonates with the business such as availability, reliability, up time and improving efficiencies. Project Execution • To maintain momentum, set up your program to demonstrate value from day one. Start with the easy stuff and use what you already have (don’t reinvent the wheel). • Federated models that push implementations to local sites can be a powerful way to accelerate the process. • Regularly report on “metrics that matter” and revisit them throughout the implementation to ensure they are still valid and relevant given various changes across the landscape. • To balance speed and technology rigor, you need to thoroughly evaluate proposed tools and ensure they are “fit for purpose.” • To fill the skills gap, look internally for ways to reapply/redirect skills to support the effort or outsource where suited. Copyright © 2022 Accenture. All rights reserved. 8 Watch the full session on-demand >
  9. 9. “You can make all sorts of investments— and feel good about them—but if you don’t understand where the weakest links are…there are going to be all sorts of problems.” Yanni Charalambous Jim Guinn, II Accenture Yanni Charalambous Oxy Speakers Communicating risk and reward to the board As operational technologies and automation evolve, how do you get the risk and reward balance correct when making new investments? Yanni Charalambous believes a mindset of continuous improvement is critical to success. And when it comes to cyber risk and resilience, “if you like a challenge, you’re in the right place.” Key takeaways: • Need to understand the risk profile of your assets and have that profile drive your investments. • Improvements are continuously needed to address ongoing and evolving external and internal risks. • If you approach security as a checklist, you’ll find yourself behind. Investment & Risk • Boards want to know the risks to a company. Three discussion points to communicate: • what threats are happening in the industry • what measures you have in place • what the outcome would be if those measures failed, e.g., loss of life, loss of property. • For our board, we focus on the top 10 assets in the company that we need to make investments in to keep them secure. Copyright © 2022 Accenture. All rights reserved. 9 Watch the full session on-demand >
  10. 10. Automation — In promise, in practice “We want to use automation where we can and then have humans involved where they need to be.” Paul Scharre Gabby D’Adamo Accenture Jim Guinn, II Accenture Paul Scharre Center for a New American Security Speakers There’s no question that automation already plays a significant role in IT and OT system cybersecurity. As the threat landscape continues to grow, what role could/should automation play in OT security management? Advantages of automation • Helps systems be more efficient, more effective and safer. • Reduces tendency for human error. • Propagates system updates helping improve security. • Works well for repeatable, predictable processes. Closing Keynote Risks of automation • Takes humans out of the process removing them from potentially catching mistakes and issues. • Increases potential risk if a hacker infiltrates a system. • Can’t build automated systems to work in situations we can’t predict. Going forward • Automation adoption needs to be a risk-informed decision. • Start by looking for manual processes you can automate that will free up humans to focus on critical thinking problems. • Humans will still play a role – they need to know what automation is capable of and when to step in. Copyright © 2022 Accenture. All rights reserved. 10 Watch the full session on-demand >
  11. 11. Ready to step into next? Visit our website for expert insights on OT cybersecurity Discover more resources > Learn about our purpose- built OT Cyber Fusion Center Partner with us to advance your OT security program Leverage our test facility > Engage our OT cyber team > Take a virtual tour > Contact our team >

×