OT Security: Know What You've Got and Where Your Risks AreOT Security Lags IT Security But the Basics Are the Same, Panelists Say
Threat intelligence is an important component of OT security because it maps the techniques and tactics of threat actors to what they are likely to attack, and it collaborates across teams to cover potential vulnerabilities, according to Susan Koski, CISO and head of enterprise information security at PNC Financial Services Group, and Sapan Talwar, global CISO at Perfetti Van Melle Group.
Talwar said that only 11% of operational technologies are properly secured, whereas 80 to 85% of IT systems are secured. Koski added that while defenders are always playing catchup with new offensive capabilities, cybersecurity vendors can help by building things more securely rather than chasing after attacks when they happen.
Priorities start with visibility, knowing what you have on your network and then patching and mitigating known risks, after which comes threat intelligence, they said.
- The maturity of OT security and how it needs to catch up with IT;
- How threat intelligence can be used to mitigate risk;
- Why visibility of assets should be a top priority.
Koski achieves a business balance of security and risk management, rebuilds programs and develops highly functional teams. She also re-engineers processes and technology for efficiency and innovation. Koski previously served as managing director of technology risk management at BNYMellon, CISO at Synovus and chief data protection officer at Aetna.
Talwar previously worked in senior security roles with companies including Aon, Adobe and Tower Research Capital. He has more than 24 years of experience in information risk management, cybersecurity, regulatory compliance, security engineering and governance.
CyberEdBoard is ISMG's premier members-only community of senior-most executives and thought leaders in the fields of security, risk, privacy and IT. CyberEdBoard provides executives with a powerful, peer-driven collaborative ecosystem, private meetings and a library of resources to address complex challenges shared by thousands of CISOs and senior security leaders located in 65 different countries worldwide.
Join the Community - CyberEdBoard.io.