8th Annual Control Systems Cybersecurity Europe Cyber Senate 8th Annual Control Systems Cybersecurity Europe Cyber Senate

Wednesday, November 10, 2021

- GMT
OT Defense in Depth Concept: Practical Considerations in Implementation
Dr. Jannis Stemmann
Dr. Jannis Stemmann
Bosch CyberCompare, Chief Executive Officer

 Overview Bosch setup

-        Challenges building a sufficient OT security system

-        Bosch approach and lessons learned:

o   OT asset inventory

o   ICS detection

o   Compensating security controls

o   Interfaces to IT security

-        How our own experience paved the way for the foundation of CyberCompare for external customers

- GMT
Panel: How Can We Manage Risk Faster? (Correction- "better!")
Robert Sharrock
Robert Sharrock
Emerson Process Systems and Solutions, European Sales Manager for Cyber Security Solutions
Dr. Jannis Stemmann
Dr. Jannis Stemmann
Bosch CyberCompare, Chief Executive Officer
Guido L. Villacis Rivas
Guido L. Villacis Rivas
EDF Energy, I&C Cyber Security Lead, PWR Technology, Technical Client Organisation

OEMs are taking a more active approach to product security and development, Patching is one of the oldest and most traditional ways to manage risk. It also is a slow and expensive way to manage risk so it is frequently avoided in the OT world. What else should be considered to manage risk?

Do we understand the aspects of cyber risk?

Where is the gap of what you dont know? 

Inside out apporach (product development and features) - Outside in approach (Don't deploy products into a environment that does not have a secure perimeter) >>Getting the balance right<<

What is the impact of the those risks?

Are trying to get ahead or are we simply responding to risk?

What are mitigating controls?

Getting the right talent and thought process in the right positions

Understanding the life cycles and that what we do is never enough but we can plan and anticipate "better"