{"id":398,"date":"2021-10-19T13:07:23","date_gmt":"2021-10-19T11:07:23","guid":{"rendered":"https:\/\/insightevents.dk\/isc-cph\/?p=398"},"modified":"2021-10-22T19:41:05","modified_gmt":"2021-10-22T17:41:05","slug":"companies-need-to-work-with-threats-and-risks-in-a-structured-matter","status":"publish","type":"post","link":"https:\/\/insightevents.dk\/isc-cph\/2021\/10\/19\/companies-need-to-work-with-threats-and-risks-in-a-structured-matter\/","title":{"rendered":"Companies need to work with threats and risks in a structured matter to make the right decisions"},"content":{"rendered":"<p><strong>J\u00f8rgen E. Hartig is Managing Director &amp; partner in <a href=\"https:\/\/securiot.dk\/\" target=\"_blank\" rel=\"noopener noreferrer\">SecuriOT<\/a> and is one of the keynote speakers at this year\u2019s first <a href=\"https:\/\/insightevents.dk\/isc-cph\/\" target=\"_blank\" rel=\"noopener noreferrer\">international industrial security conference<\/a> in Copenhagen 15-16-17 November. At the conference J\u00f8rgen will be talking about IEC 62443 and how you should handle the new \u201creality\u201d, and how IEC62443 standards can help you close the gap.<\/strong><\/p>\n<p>Read an interview with J\u00f8rgen Hartig here.<\/p>\n<h2><strong><em>How did you get into working with security and how did it develop throughout your career?<\/em><\/strong><\/h2>\n<p>My first job was as product marketing assistant in a network and security company in the early days of the Internet era (I\u2019m not going to tell you when \ud83d\ude0a) Since then I have been working with many different aspects of cyber security including technologies, cyber security services, security risk assessments and compliance. In 2018, I jumped over the fence from IT cyber security to OT cyber security, which has been very exciting to explore this discipline.<\/p>\n<p>&nbsp;<\/p>\n<h2><strong><em>What are the biggest challenges within cybersecurity in your eyes? <\/em><\/strong><\/h2>\n<p>From an OT cyber security perspective, the most challenging parts are the awareness, organizational anchoring and understanding of the threats within the companies. The C-level is starting to focus on OT-security, because they hear about the consequences from other incidents that they can relate to. It costs money to be down in the factory line, but if the companies don\u2019t understand the threats and the risks against their own company, they can\u2019t mitigate them. We often hear: \u201cWhy should the hackers go for us? We do not produce anything interesting\u2026\u201d or \u201cthe production has been going for 25 years, and we haven\u2019t had an issue\u201d or \u201cthere is no connections between IT-systems and OT-systems, so\u2026 (?)\u201d the last statement will be challenged dramatically within the next 5-10 years. Vendors will come out with new technology and solutions that will utilize cloud-enabled application and 5G connections to the factory floor, so they will be no \u201cair-gap\u201d in the future. I am not saying, it is wrong. I am just saying that the companies need to work with threats and risks in a structured matter, so the right decisions will be made.<\/p>\n<p>&nbsp;<\/p>\n<h2><strong><em>How do we get ahead of \u2018the bad guys\u2019?<\/em><\/strong><\/h2>\n<p>Well, I believe the maturity level on OT-security in many companies is 5-6 years behind from maturity level of IT-security in the same company, so it will take some time before we get ahead of them if that will ever happen. The most important disciplines are to create a high level of visibility, create defense in depth and layered security in the OT-infrastructure and deploy simple and understandable processes\/policies. By the way: Don\u2019t forget to train and maintain \u201cthe Human Firewall\u201d at the factory floor.<\/p>\n<p>&nbsp;<\/p>\n<h2><strong><em>When looking forward just 5-10 years, what do you think will be different?<\/em><\/strong><\/h2>\n<p>More digitalization will be deployed in the OT environment, because the companies want to work smarter and extract more information from the OT and IT devices and provide better services to customers. It will require the OT security is taken to the next level in the companies.<\/p>\n<p>&nbsp;<\/p>\n<h2><strong><em>Besides more funds for security, what do you think would make a difference in the industry?<\/em><\/strong><\/h2>\n<p>Money is good, but I think that awareness, understanding and information sharing are key. Some companies are ahead within OT Cyber Security and the experience from how they increased their maturity level will be very fruitful for more other companies to know. By having this insight, the companies know how to spend them in the right way. There are many communities in Denmark and globally, where this type of information and experience are sharing, and this event is also a part of this.<\/p>\n<p>&nbsp;<\/p>\n<h2><strong><em>What will your keynote be about, and which learnings are you hoping the participants take with them?<\/em><\/strong><\/h2>\n<p>OT cyber security is not just fixed with a product or full-featured firewall. OT cyber security is a discipline, but how do you start and improve the disciplines in your company ? One of the standards, that many production and utility companies are looking into, when it come to OT cyber Security, is the IEC62443. It is 800 pages, it is America, and it is hard to find out, where to start and how use it. I will talk about the experiences, that we have had with helping customers to use the standard. So hopefully the audience will get a better understanding for the standard and hopefully be inspired to use it in their own company, when are looking into the new threat and risks, that the companies are faced.<\/p>\n<p>&nbsp;<\/p>\n<h2><strong><em>What are your own expectations for the conference? <\/em><\/strong><\/h2>\n<p>I am looking forward to some great talks with the other attendees &#8211; \u00a0face2face \u2013 and not just through TEAMs or other virtual platform. Since it is a real OT-community, I except to have lot of information sharing about this great topic.<\/p>\n<p>&nbsp;<\/p>\n<h2><strong><em>And which keynotes are you looking forward to hearing?<\/em><\/strong><\/h2>\n<p>There are a lot of great sessions, but especially the sessions with customer cases are of highest interest.<\/p>\n<p>&nbsp;<\/p>\n<h2><strong>Do you want to hear more about IEC62443? <\/strong><\/h2>\n<p>Join the international Industrial Security Conference. Read more <a href=\"https:\/\/insightevents.dk\/isc-cph\/\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>\u00a0and sign up\u00a0<a href=\"https:\/\/my.eventbuizz.com\/event\/industrial-security-conference-cph-9585\/detail\/registration#get_register\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>J\u00f8rgen E. Hartig is Managing Director &amp; partner in SecuriOT and is one of the keynote speakers at this year\u2019s first international industrial security conference in Copenhagen 15-16-17 November. At the conference J\u00f8rgen will be talking about IEC 62443 and how you should handle the new \u201creality\u201d, and how IEC62443 standards can help you close [&hellip;]<\/p>\n","protected":false},"author":15,"featured_media":399,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[3],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Companies need to work with threats and risks in a structured matter<\/title>\n<meta name=\"description\" content=\"J\u00f8rgen E. Hartig is Managing Director &amp; partner in SecuriOT, and he is speaking at the international Industrial Security Conference. Read an interview here.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/insightevents.dk\/isc-cph\/2021\/10\/19\/companies-need-to-work-with-threats-and-risks-in-a-structured-matter\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Companies need to work with threats and risks in a structured matter\" \/>\n<meta property=\"og:description\" content=\"J\u00f8rgen E. Hartig is Managing Director &amp; partner in SecuriOT, and he is speaking at the international Industrial Security Conference. Read an interview here.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/insightevents.dk\/isc-cph\/2021\/10\/19\/companies-need-to-work-with-threats-and-risks-in-a-structured-matter\/\" \/>\n<meta property=\"og:site_name\" content=\"Industrial Security Conference Copenhagen\" \/>\n<meta property=\"article:published_time\" content=\"2021-10-19T11:07:23+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-10-22T17:41:05+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/insightevents.dk\/isc-cph\/wp-content\/uploads\/sites\/4\/2021\/10\/Joergenhartvig1200x630.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Line\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Line\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/insightevents.dk\/isc-cph\/2021\/10\/19\/companies-need-to-work-with-threats-and-risks-in-a-structured-matter\/\",\"url\":\"https:\/\/insightevents.dk\/isc-cph\/2021\/10\/19\/companies-need-to-work-with-threats-and-risks-in-a-structured-matter\/\",\"name\":\"Companies need to work with threats and risks in a structured matter\",\"isPartOf\":{\"@id\":\"https:\/\/insightevents.dk\/isc-cph\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/insightevents.dk\/isc-cph\/2021\/10\/19\/companies-need-to-work-with-threats-and-risks-in-a-structured-matter\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/insightevents.dk\/isc-cph\/2021\/10\/19\/companies-need-to-work-with-threats-and-risks-in-a-structured-matter\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/insightevents.dk\/isc-cph\/wp-content\/uploads\/sites\/4\/2021\/10\/Joergenhartvig1200x630.jpg\",\"datePublished\":\"2021-10-19T11:07:23+00:00\",\"dateModified\":\"2021-10-22T17:41:05+00:00\",\"author\":{\"@id\":\"https:\/\/insightevents.dk\/isc-cph\/#\/schema\/person\/e1b949cdb7e6339b6ba34b36365c444c\"},\"description\":\"J\u00f8rgen E. Hartig is Managing Director & partner in SecuriOT, and he is speaking at the international Industrial Security Conference. Read an interview here.\",\"breadcrumb\":{\"@id\":\"https:\/\/insightevents.dk\/isc-cph\/2021\/10\/19\/companies-need-to-work-with-threats-and-risks-in-a-structured-matter\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/insightevents.dk\/isc-cph\/2021\/10\/19\/companies-need-to-work-with-threats-and-risks-in-a-structured-matter\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/insightevents.dk\/isc-cph\/2021\/10\/19\/companies-need-to-work-with-threats-and-risks-in-a-structured-matter\/#primaryimage\",\"url\":\"https:\/\/insightevents.dk\/isc-cph\/wp-content\/uploads\/sites\/4\/2021\/10\/Joergenhartvig1200x630.jpg\",\"contentUrl\":\"https:\/\/insightevents.dk\/isc-cph\/wp-content\/uploads\/sites\/4\/2021\/10\/Joergenhartvig1200x630.jpg\",\"width\":1200,\"height\":630,\"caption\":\"J\u00f8rgen Hartvig from SecuriOT is one fo the speakers at Industrial Security Conference\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/insightevents.dk\/isc-cph\/2021\/10\/19\/companies-need-to-work-with-threats-and-risks-in-a-structured-matter\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/insightevents.dk\/isc-cph\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Companies need to work with threats and risks in a structured matter to make the right decisions\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/insightevents.dk\/isc-cph\/#website\",\"url\":\"https:\/\/insightevents.dk\/isc-cph\/\",\"name\":\"Industrial Security Conference Copenhagen\",\"description\":\"Industrial Security Conference Copenhagen\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/insightevents.dk\/isc-cph\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/insightevents.dk\/isc-cph\/#\/schema\/person\/e1b949cdb7e6339b6ba34b36365c444c\",\"name\":\"Line\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/insightevents.dk\/isc-cph\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/7b77f339adf5c930d53d064e7fb88017?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/7b77f339adf5c930d53d064e7fb88017?s=96&d=mm&r=g\",\"caption\":\"Line\"},\"url\":\"https:\/\/insightevents.dk\/isc-cph\/author\/line\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Companies need to work with threats and risks in a structured matter","description":"J\u00f8rgen E. Hartig is Managing Director & partner in SecuriOT, and he is speaking at the international Industrial Security Conference. Read an interview here.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/insightevents.dk\/isc-cph\/2021\/10\/19\/companies-need-to-work-with-threats-and-risks-in-a-structured-matter\/","og_locale":"en_GB","og_type":"article","og_title":"Companies need to work with threats and risks in a structured matter","og_description":"J\u00f8rgen E. Hartig is Managing Director & partner in SecuriOT, and he is speaking at the international Industrial Security Conference. Read an interview here.","og_url":"https:\/\/insightevents.dk\/isc-cph\/2021\/10\/19\/companies-need-to-work-with-threats-and-risks-in-a-structured-matter\/","og_site_name":"Industrial Security Conference Copenhagen","article_published_time":"2021-10-19T11:07:23+00:00","article_modified_time":"2021-10-22T17:41:05+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/insightevents.dk\/isc-cph\/wp-content\/uploads\/sites\/4\/2021\/10\/Joergenhartvig1200x630.jpg","type":"image\/jpeg"}],"author":"Line","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Line","Estimated reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/insightevents.dk\/isc-cph\/2021\/10\/19\/companies-need-to-work-with-threats-and-risks-in-a-structured-matter\/","url":"https:\/\/insightevents.dk\/isc-cph\/2021\/10\/19\/companies-need-to-work-with-threats-and-risks-in-a-structured-matter\/","name":"Companies need to work with threats and risks in a structured matter","isPartOf":{"@id":"https:\/\/insightevents.dk\/isc-cph\/#website"},"primaryImageOfPage":{"@id":"https:\/\/insightevents.dk\/isc-cph\/2021\/10\/19\/companies-need-to-work-with-threats-and-risks-in-a-structured-matter\/#primaryimage"},"image":{"@id":"https:\/\/insightevents.dk\/isc-cph\/2021\/10\/19\/companies-need-to-work-with-threats-and-risks-in-a-structured-matter\/#primaryimage"},"thumbnailUrl":"https:\/\/insightevents.dk\/isc-cph\/wp-content\/uploads\/sites\/4\/2021\/10\/Joergenhartvig1200x630.jpg","datePublished":"2021-10-19T11:07:23+00:00","dateModified":"2021-10-22T17:41:05+00:00","author":{"@id":"https:\/\/insightevents.dk\/isc-cph\/#\/schema\/person\/e1b949cdb7e6339b6ba34b36365c444c"},"description":"J\u00f8rgen E. Hartig is Managing Director & partner in SecuriOT, and he is speaking at the international Industrial Security Conference. Read an interview here.","breadcrumb":{"@id":"https:\/\/insightevents.dk\/isc-cph\/2021\/10\/19\/companies-need-to-work-with-threats-and-risks-in-a-structured-matter\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/insightevents.dk\/isc-cph\/2021\/10\/19\/companies-need-to-work-with-threats-and-risks-in-a-structured-matter\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/insightevents.dk\/isc-cph\/2021\/10\/19\/companies-need-to-work-with-threats-and-risks-in-a-structured-matter\/#primaryimage","url":"https:\/\/insightevents.dk\/isc-cph\/wp-content\/uploads\/sites\/4\/2021\/10\/Joergenhartvig1200x630.jpg","contentUrl":"https:\/\/insightevents.dk\/isc-cph\/wp-content\/uploads\/sites\/4\/2021\/10\/Joergenhartvig1200x630.jpg","width":1200,"height":630,"caption":"J\u00f8rgen Hartvig from SecuriOT is one fo the speakers at Industrial Security Conference"},{"@type":"BreadcrumbList","@id":"https:\/\/insightevents.dk\/isc-cph\/2021\/10\/19\/companies-need-to-work-with-threats-and-risks-in-a-structured-matter\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/insightevents.dk\/isc-cph\/"},{"@type":"ListItem","position":2,"name":"Companies need to work with threats and risks in a structured matter to make the right decisions"}]},{"@type":"WebSite","@id":"https:\/\/insightevents.dk\/isc-cph\/#website","url":"https:\/\/insightevents.dk\/isc-cph\/","name":"Industrial Security Conference Copenhagen","description":"Industrial Security Conference Copenhagen","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/insightevents.dk\/isc-cph\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/insightevents.dk\/isc-cph\/#\/schema\/person\/e1b949cdb7e6339b6ba34b36365c444c","name":"Line","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/insightevents.dk\/isc-cph\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/7b77f339adf5c930d53d064e7fb88017?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7b77f339adf5c930d53d064e7fb88017?s=96&d=mm&r=g","caption":"Line"},"url":"https:\/\/insightevents.dk\/isc-cph\/author\/line\/"}]}},"_links":{"self":[{"href":"https:\/\/insightevents.dk\/isc-cph\/wp-json\/wp\/v2\/posts\/398"}],"collection":[{"href":"https:\/\/insightevents.dk\/isc-cph\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/insightevents.dk\/isc-cph\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/insightevents.dk\/isc-cph\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/insightevents.dk\/isc-cph\/wp-json\/wp\/v2\/comments?post=398"}],"version-history":[{"count":0,"href":"https:\/\/insightevents.dk\/isc-cph\/wp-json\/wp\/v2\/posts\/398\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/insightevents.dk\/isc-cph\/wp-json\/wp\/v2\/media\/399"}],"wp:attachment":[{"href":"https:\/\/insightevents.dk\/isc-cph\/wp-json\/wp\/v2\/media?parent=398"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/insightevents.dk\/isc-cph\/wp-json\/wp\/v2\/categories?post=398"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/insightevents.dk\/isc-cph\/wp-json\/wp\/v2\/tags?post=398"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}