1. InfoconDB
  2. Blue Team Con
  3. Blue Team Con 2022
  4. Preparing your IT SOC for OT Network Security Monitoring

Preparing your IT SOC for OT Network Security Monitoring

Presented at Blue Team Con 2022, Aug. 27, 2022, 10:40 a.m. (30 minutes)

OT and IT convergence is here. One of the biggest push in OT/ICS is the implementation of better visibility and increased network security monitoring. No matter if you have a fully in-house or hybrid Security Operation Center augmented with Managed Security Services. If you don’t have the funding or time to implement a separate OT Security Operations Center dedicated to monitoring your OT environment. This talk will discuss strategies, tactics, people, processes, and lessons learned in effectively integrating your OT NSM program into you IT SOC. This talk will lay out a flexible roadmap and walk you through the process of the before, during, and after steps that should be done in order to integrate your OT NSM program in your IT SOC, how to integrate, mature, response, and measure your OT NSM program within your IT SOC without losing the focus and critical aspect with better OT NSM monitoring within your organization.


Presenters:

  • Wesley Lee - Manager, Protiviti
    Wesley Lee has over 10 years of cybersecurity experience. Wesley currently works for a consulting firm where he manages and leads his firm OT/ICS security monitoring program and helps OT/ICS organizations secure themselves from modern and unique adversaries. Wesley started his career as a Security Operation Center analyst with the United States Department of Defense, where he also had the opportunity to perform, security audits, network and web application penetration testing, digital forensics, incident response, governance and compliance, OT/ICS security, and cyber threat intelligence on some of the most sophisticated systems around the world. Wesley holds a master’s degree in Cybersecurity from the University of Maryland Global College and obtained a number of information security certifications including CISM, CISSP, GMON, GSEC and GPEN. When Wesley is not working on solving cybersecurity issues, he is looking for a new place in the world to explore in hopes to see more than half of the world.

Similar Presentations: