Advertisement
OT Solution Overview.pptx
OT Solution Overview.pptx
OT Solution Overview.pptx
OT Solution Overview.pptx
OT Solution Overview.pptx
OT Solution Overview.pptx
OT Solution Overview.pptx

Check these out next

Identity and Security in the Cloud
Identity and Security in the Cloud
Richard Diver
Provable Device Cybersecurity in Blockchain Transactions
Provable Device Cybersecurity in Blockchain Transactions
Rivetz
CISSP Chapter 7 - Security Operations
CISSP Chapter 7 - Security Operations
Karthikeyan Dhayalan
BYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, West
Jay McLaughlin
Protecting Your Business from Unauthorized IBM i Access
Protecting Your Business from Unauthorized IBM i Access
Precisely
crisc_wk_5.pptx
crisc_wk_5.pptx
dotco
Firewall, Router and Switch Configuration Review
Firewall, Router and Switch Configuration Review
Christine MacDonald
CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)
Sam Bowne
1 of 7

OT Solution Overview.pptx

Mar. 28, 2023
Download to read offline
Technology

.

Alejandro Daricz
Advertisement
Advertisement
Advertisement

Recommended

Lock it Down: Access Control for IBM iLock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iPrecisely125 views27 slides
DncybersecurityDncybersecurity
DncybersecurityAnne Starr108 views34 slides
Cyber Security # Lec 5Cyber Security # Lec 5
Cyber Security # Lec 5Kabul Education University358 views29 slides
Access Control ppt.pptxAccess Control ppt.pptx
Access Control ppt.pptxGADAANFEKADU22 views36 slides
Access-control-systemAccess-control-system
Access-control-systemTechera Consultants4.5K views14 slides
managingyouraccesscontrolsystems-130223182036-phpapp01managingyouraccesscontrolsystems-130223182036-phpapp01
managingyouraccesscontrolsystems-130223182036-phpapp01Walter Sinchak,427 views103 slides

More Related Content

Similar to OT Solution Overview.pptx(20)

Identity and Security in the CloudIdentity and Security in the Cloud
Identity and Security in the Cloud
Richard Diver712 views
Provable Device Cybersecurity in Blockchain TransactionsProvable Device Cybersecurity in Blockchain Transactions
Provable Device Cybersecurity in Blockchain Transactions
Rivetz339 views
CISSP Chapter 7 - Security OperationsCISSP Chapter 7 - Security Operations
CISSP Chapter 7 - Security Operations
Karthikeyan Dhayalan6.4K views
BYOD: Device Control in the Wild, Wild, WestBYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, West
Jay McLaughlin323 views
Protecting Your Business from Unauthorized IBM i AccessProtecting Your Business from Unauthorized IBM i Access
Protecting Your Business from Unauthorized IBM i Access
Precisely44 views
crisc_wk_5.pptxcrisc_wk_5.pptx
crisc_wk_5.pptx
dotco6 views
Firewall, Router and Switch Configuration ReviewFirewall, Router and Switch Configuration Review
Firewall, Router and Switch Configuration Review
Christine MacDonald3.5K views
CNIT 160 4e Security Program Management (Part 5)CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)
Sam Bowne148 views
Iam business caseIam business case
Iam business case
Dawn Mallyon2.2K views
Webinar: Beyond Two-Factor: Secure Access Control for Office 365 Webinar: Beyond Two-Factor: Secure Access Control for Office 365
Webinar: Beyond Two-Factor: Secure Access Control for Office 365
SecureAuth586 views
SmartERP PeopleSoft Security SmartERP PeopleSoft Security
SmartERP PeopleSoft Security
Smart ERP Solutions, Inc.102 views
Network Security, Change Control, OutsourcingNetwork Security, Change Control, Outsourcing
Network Security, Change Control, Outsourcing
Nicholas Davis352 views
Outside the Office: Mobile SecurityOutside the Office: Mobile Security
Outside the Office: Mobile Security
McKonly & Asbury, LLP633 views
CISA_WK_4.pptxCISA_WK_4.pptx
CISA_WK_4.pptx
dotco17 views
Iot presentationIot presentation
Iot presentation
Soroosh Ebrahimi5.9K views
Myths of validationMyths of validation
Myths of validation
Jeff Thomas1.5K views
Considerations for a secure internet of things for cities and communitiesConsiderations for a secure internet of things for cities and communities
Considerations for a secure internet of things for cities and communities
Mrinal Wadhwa130 views
Network security, change control, outsourcingNetwork security, change control, outsourcing
Network security, change control, outsourcing
Nicholas Davis448 views
Just Trust Everyone and We Will Be Fine, Right?Just Trust Everyone and We Will Be Fine, Right?
Just Trust Everyone and We Will Be Fine, Right?
Scott Carlson207 views
Security (IM).pptSecurity (IM).ppt
Security (IM).ppt
GooglePay164 views

More from Alejandro Daricz(9)

Daniel_CISSP_Dom7__1_.pdfDaniel_CISSP_Dom7__1_.pdf
Daniel_CISSP_Dom7__1_.pdf
Alejandro Daricz6 views
FortiRecon Sales Presentation (1).pptxFortiRecon Sales Presentation (1).pptx
FortiRecon Sales Presentation (1).pptx
Alejandro Daricz41 views
meraki-mx-sizing-principles-english.pdfmeraki-mx-sizing-principles-english.pdf
meraki-mx-sizing-principles-english.pdf
Alejandro Daricz9 views
Imperva-presentacion-GMS.pdfImperva-presentacion-GMS.pdf
Imperva-presentacion-GMS.pdf
Alejandro Daricz4 views
Microsoft Azure Hub_Spoke_Ampliado.pptxMicrosoft Azure Hub_Spoke_Ampliado.pptx
Microsoft Azure Hub_Spoke_Ampliado.pptx
Alejandro Daricz29 views
Liderazgo ÁgilLiderazgo Ágil
Liderazgo Ágil
Alejandro Daricz7 views
comptia-secplussy0601-1-15-threat_intelligence_osint.pptxcomptia-secplussy0601-1-15-threat_intelligence_osint.pptx
comptia-secplussy0601-1-15-threat_intelligence_osint.pptx
Alejandro Daricz7 views
Esg lab-validation-check-point-cloud guard-mar-2018Esg lab-validation-check-point-cloud guard-mar-2018
Esg lab-validation-check-point-cloud guard-mar-2018
Alejandro Daricz88 views
Citrix cloud services_total_economic_benefits_assessment_guideCitrix cloud services_total_economic_benefits_assessment_guide
Citrix cloud services_total_economic_benefits_assessment_guide
Alejandro Daricz26 views
Advertisement

Recently uploaded(20)

Introduction to Custom Journey Builder Activities, Orkhan AlakbarliIntroduction to Custom Journey Builder Activities, Orkhan Alakbarli
Introduction to Custom Journey Builder Activities, Orkhan Alakbarli
CzechDreamin0 views
Deep Dive into Dashboard Components, David CarnesDeep Dive into Dashboard Components, David Carnes
Deep Dive into Dashboard Components, David Carnes
CzechDreamin0 views
Webinar - Making the business case - resources.pptxWebinar - Making the business case - resources.pptx
Webinar - Making the business case - resources.pptx
OpenAthens0 views
Black Hat Session: Exploring and Exploiting Aura based Experiences, Christian...Black Hat Session: Exploring and Exploiting Aura based Experiences, Christian...
Black Hat Session: Exploring and Exploiting Aura based Experiences, Christian...
CzechDreamin0 views
Taking control of your queries with GraphQL, Alba RivasTaking control of your queries with GraphQL, Alba Rivas
Taking control of your queries with GraphQL, Alba Rivas
CzechDreamin0 views
Top 5 Tinder secrets of being the most ‘Desirable’ Salesforce consultant no o...Top 5 Tinder secrets of being the most ‘Desirable’ Salesforce consultant no o...
Top 5 Tinder secrets of being the most ‘Desirable’ Salesforce consultant no o...
CzechDreamin0 views
lecture2.pptlecture2.ppt
lecture2.ppt
n00ne20 views
How do you know you’re solving the right problem? Design Thinking for Salesfo...How do you know you’re solving the right problem? Design Thinking for Salesfo...
How do you know you’re solving the right problem? Design Thinking for Salesfo...
CzechDreamin0 views
The Capital Stack - Mastersfund Curriculum copy.pdfThe Capital Stack - Mastersfund Curriculum copy.pdf
The Capital Stack - Mastersfund Curriculum copy.pdf
Gillian Muessig0 views
Cybersecurity Predictions for 2023Cybersecurity Predictions for 2023
Cybersecurity Predictions for 2023
Peterson Technology Partners0 views
Next Generation Digital TransformationNext Generation Digital Transformation
Next Generation Digital Transformation
Vishal Sharma0 views
Ape to API, Filip DousekApe to API, Filip Dousek
Ape to API, Filip Dousek
CzechDreamin0 views
Report & Dashboard REST API : Get your report accessible anywhere !, Romain Q...Report & Dashboard REST API : Get your report accessible anywhere !, Romain Q...
Report & Dashboard REST API : Get your report accessible anywhere !, Romain Q...
CzechDreamin0 views
The Art of Discovery – Why Requirements Matter, Pallavi AgarwalThe Art of Discovery – Why Requirements Matter, Pallavi Agarwal
The Art of Discovery – Why Requirements Matter, Pallavi Agarwal
CzechDreamin0 views
Effective coding approaches with Salesforce: Combining features for maximum i...Effective coding approaches with Salesforce: Combining features for maximum i...
Effective coding approaches with Salesforce: Combining features for maximum i...
CzechDreamin0 views
NOTICIA TINA TURNER.docNOTICIA TINA TURNER.doc
NOTICIA TINA TURNER.doc
AnaAvellaneda30 views
Real-time communication with Account Engagement (Pardot). Marketers meet deve...Real-time communication with Account Engagement (Pardot). Marketers meet deve...
Real-time communication with Account Engagement (Pardot). Marketers meet deve...
CzechDreamin0 views
Monitoring Automation Performance in Marketing Cloud Engagement, Daniela Vrbk...Monitoring Automation Performance in Marketing Cloud Engagement, Daniela Vrbk...
Monitoring Automation Performance in Marketing Cloud Engagement, Daniela Vrbk...
CzechDreamin0 views
Chapter_1_.pptxChapter_1_.pptx
Chapter_1_.pptx
javairiaimran10 views
Zurich FinOps Meetup - 1st of June.pdfZurich FinOps Meetup - 1st of June.pdf
Zurich FinOps Meetup - 1st of June.pdf
Wuming Zhang0 views

OT Solution Overview.pptx

  1. OT SOLUTION OVERVIEW 1 CONFIDENTIAL INFORMATION
  2. OPERATIONAL TECHNOLOGY • What is OT? • The Challenge • The Solution • Discovery Questions • Sales Motion
  3. • Operational Technology, or OT, are systems that manage, monitor and control industrial operations • Gartner definition: “Hardware and software that detects or causes a change through the direct monitoring and/or control of physical devices, processes and events in the enterprise” • Examples include: Supervisory Control and Data Acquisition (SCADA) software, Programmable Logic Controllers (PLCs), physical plant equipment, machinery, Remote Terminal Units (RTUs), remote industrial software and hardware, Human Machine Interfaces (HMIs) • These are present in all types of organizations, but particularly present in Manufacturing, Energy, Utilities, Healthcare and Financial Services • OT devices are frequently sought after by attackers not only because of the power it grants them (and the rewards they can evoke) but also because they are easy targets • Weak password security, connected to other devices (lateral movement) WHAT IS OT? WHY DOES THIS MATTER? 3
  4. • OT devices are increasingly connected to the outside world; not just in air-gapped environments • SANS indicates that 64% of OT devices are connected • These devices all have administrative accounts that need to be managed, but with a very strict caveat that it cannot come at the expensive of operations • Most OT software applications have shared accounts used by many people that creates accountability issues • Remote users, and in particular, external vendors, manage devices in OT environments in a variety of ways and are difficult to provision access as well as provide secure access when offline THE CHALLENGES 4
  5. Privileged Access Manager • Use Privileged Access Manager to discover privileged accounts that exist in OT systems and onboard them to be managed and rotated • In OT environments where end-users are never online, leverage the offline access capability within the CyberArk Mobile app • Privileged Session Management capabilities are recommended to isolate sessions so credentials never reach the workstation, monitor and audit Remote Access • Leverage Remote Access to ensure biometric authentication and Zero Trust access to critical resources without the need for VPNs, passwords or agents • For external vendors, leverage Vendor PAM to provision access just-in-time; this will be very common within OT environments, with many vendors who require access to various devices Endpoint Privilege Manager • Implement application whitelisting in top-hierarchy control computers such as Human Machine Interfaces (HMIs) represents one of the most critical steps in securing an OT environment. • Remove local administrator rights from the HMI, and seamlessly elevate privileges, based on an organization’s policy, as required by trusted (whitelisted) applications. THE CYBERARK SOLUTION
  6. • What is the current workflow for the privileged users who work in your OT environments? • How do they log in to systems? • Do they have regular, intermittent or none internet connectivity? • How are you managing passwords for their privileged accounts? • Are there external vendors who require access to these devices? Device manufacturers, managed service providers, IT contractors, etc.? • How do you ensure that users are who they say they are? • Is there an audit trail? • Is there accountability and session recording? • What security controls are in place on Tier0 endpoints like HMIs? DISCOVERY QUESTIONS
  7. • Discuss other technology partners they may have in their stack • Gateway connections: Eaton, GE, Schweitzer • These make it easier for organizations to permit secure connections to OT devices by the leading manufacturers with secure session management and credential protection • Relevant CyberArk offerings: • Privileged Access Manager • Centralized repository to manage credentials for ALL devices in IT network (servers, databases, IoT, OT, etc.) • Within CyberArk Mobile, offline access is permitted where user can retrieve credentials within the app • Vendor PAM • A lot of organizations with OT leverage vendors/device manufacturers to maintain and operationalize these devices • Endpoint Privilege Manager • Least privilege and application control on the endpoint, in particular high value ones like HMIs ADDITIONAL CONSIDERATIONS
Advertisement