In the last few years, operation technology (OT) security has become a hot topic in the boardroom. Due to the complexity of the subject and the continually evolving threats, we have launched different initiatives to expand the stakeholders’ knowledge of OT.
As part of our commitment to the Atos community, we seek to maintain an open dialogue and create useful content that can help all of us to expand our knowledge on key topics.
ISACA OT security conference
In September 2020, we presented a virtual conference to ISACA, a global professional association focused on IT governance, on how to integrate OT into cyber threat detection and response. Tom McDonald, Paladion Vice President, US enterprise engagements, and Eyal Asila, Atos Head of global cybersecurity consulting, shared several OT security case studies and gave insights on the best practices to secure OT environments in real-time to all ISACA members.
Key insights from this security conference were especially around the importance of maturity risk assessments in OT, threat detection and response, and the threat landscape. Understanding the current situation of industrial environments and identifying, people, processes, and technologies deployed is the first step that needs to be taken.
Through interviews, workshops, IT/OT asset discovery, and vulnerability network scanning, you retrieve the required data to deliver a comprehensive security roadmap.
These sessions are a huge opportunity to raise awareness of the threats targeting OT and the consequences for a company. By emphasizing the importance of implementing security in an OT environment, we hope to help industries better face their unique cybersecurity challenges and reach “cyber maturity”.
Atos internal OT learning initiatives
As part of our internal learning initiatives, we also provide 4-weeks training on industrial control systems (ICS) and OT webinars to all Atos employees who would like to familiarize more with this environment and its security. These sessions were aimed at beginners within cybersecurity in the OT.
As cybersecurity leaders, it is our responsibility to ensure that the knowledge we have is shared and acquired by our peers and partners. Our teams are trained to understand the industrial environment better to address these 3 important questions:
- Which threats should be addressed?
- Which security measures should be deployed?
- Where to implement them?
The purpose of each learning initiative is to deliver a maximum of relevant information in the shortest possible time.
At Atos, we believe that to achieve a smooth digital transformation, it is critical to offer sustainable security models to our clients to secure their most valuable assets and environments and that this goal can be reached through training and awareness.
Our duties are clear; now we need to join forces and bring others for acting as a counterweight to the attackers.
To secure environments that are not inherently secured is not always easy and does not start by just adding security controls. It is about prioritizing the most critical processes, systems and potential sources of attacks or vulnerabilities. Security is about identifying, managing and setting up a strategy.
With their digital transformation, utilities companies can be targeted by hackers on a very large attack surface.
Discover how to tackle it in this white paper.
The multiplicity of actors in the utilities’ industry, combined with the digitalization of the production, transport and distribution infrastructures, are weakening the world of energy.
How to tackle utilities cyber threats and where to start?
Interested in next publications?
Register to our newsletter and receive a notification when there are new articles.