About Session
Technical Level: Intermediate
Robert Valkama and Mikko Kenttälä will walk you through how focused testing of network segregation, a fundamental security control, can reap unexpected benefits on improving the overall OT security posture on other fronts as well. They start with the concept of network isolation and segregation and its importance as a security control in OT. They will cover how it can be tested for and what are the common case failures that large scale and wide spectrum testing has revealed. From there they will move to exploring real life examples of misconfigurations and design failures that did lead to leaky networks. For each example they will do root cause analysis and most importantly highlight what was done to prevent similar mistakes from happening again. Finally, they will zoom out to how these lessons learned and the developed preventive measures did lead to process improvements and boosting other important OT security controls related to asset, configuration, patch and supplier management and supervision. We hope that our story will encourage you to carry out similar focused campaigns. We can guarantee that they would open new perspectives to understanding your systems and improving also other processes, security controls and safety nets you need.