The recent Webinar Wednesday session “Five Lessons Learned to Implement OT Security” was presented by Nuvolo Director of Product Marketing OT Security Tony Bailey and First Health Advisory Chief Executive Officer Carter Groome. The webinar was sponsored by Nuvolo and eligible for 1 credit from the ACI.
In this 60-minute webinar, Groome and Bailey shared the top five things that First Health Advisory and Nuvolo have learned so that individuals can implement an effective OT security program. If a security exploit impacts one’s operational technology (OT) – such as medical devices or health care facilities systems – you need to quickly dispatch the right person with the right remediation steps. Yet, approaches such as only using an OT discovery and monitoring tool lack the maturity needed for OT security.
Groome and Bailey explained why detailed content such as maintenance history, device owner’s name and what the device is used for are critical. Then, they shared how this content can be integrated with security monitoring tools plus a system of action are the only effective way to respond and mitigate security events.
The duo provided additional insights during an informative question-and-answer session following the presentation.
One attendee asked, “When a device is connected to a network, how long does it take a monitoring tool to discover the new device and bring the information to you?”
Groome said that once everything is set up the information should be available instantly.
“You’re going to get that information instantaneously, that’s the intent,” he explained. “And that’s the power behind using these technologies to feed information to the people that need to actually go out there and touch these devices, have hands on these assets and reduce risk.”
Another question was, “Our IT team uses their network detection tools to identify unusual network traffic. So, why would we need the Intelligence Hub that you referred to earlier?”
Bailey said there are differences in what information the two different tools can provide.
“IT security tools do a great job for traditional IT, such as laptops, servers, switches, the challenge is that when those tools pick up, let’s say, unusual network behavior, they are not going to have the context around what’s impacted,” Bailey said. “And so, and again, to re-iterate what we said earlier, contexts can be things like, where is the device located? What’s the owner’s name of that device? What is the device doing?”
He said IT tools can do a great job on monitoring network traffic but the tools and the people using them can only glean so much from what traffic is passing over a wire.
“And it’s certainly not going to tell you maintenance history or the device owner’s name,” he added.
This specially focused topic drew interest from a select group of HTM professionals with almost 100 individuals registering for the live webinar. A recording of the webinar is available for on-demand viewing.
Attendees shared feedback via a survey that included the question, “How will today’s webinar help you improve in your role?”
“It helps me with securing OT and identifying the difference between IT and OT devices on the network and how to take care of medical devices monitoring,” said T. Botros, BMET.
“It provided content which aligned to our current strategy and some new perspectives on certain topics,” Cybersecurity Manager L. Fowler said.
“Better asset management and countermeasure cyber threats,” said T. Koh, MET.
For more information, visit WebinarWednesday.live.