Our Videos

Audio Transcript so uh in the next few slides what i’llbe doing is i’ll be taking you through aproven approach to secure ot and iot infrastructure from uh cyber attacks by developing a program which is afoolproof and when executed step by stepcan make sure that you prevent large attacks or prevent advanced persistent threats from happenings ot’s a topumlet’s look at it from bottom to up andum the first thing that we have to lookat is uhcreating a complete ot and an iottransparency program and by this what imean is that we need to create aregistry of all the assets which areconnected to the network and the risksthat exist on these assets andthese three things which work together that is ot and iot transparency program security assessment and risk assessment this becomes the first step to anyotnand iot security program and with thatwe can runred team assessments for protocol analysis asset analysis traffic analysiswhether it’s only ingress trafficallowed oregress traffic alert so all of thatcan be run andwe can also recognize rogue devices which are existing on thenetwork by running this transparencyprogram and the risk and gap assessmentcan be donein line with therecommendations from iso 31000 or iso 2127001 or ic6443 and many otherindustry standardsand together with this we can run thenetwork architecture review and thedevice and a configuration review whichhelps in understanding how the networkis set up and how the devices areconfigured how the protocols are usedand are we using encrypted methods tosend informationuh betweenzones and also from ot to it or from otto iot andafter we have done the first three stepsthen the next thing isrunning a complete vulnerability assessment program and thishelps in understanding uh what could bethe mitigation actions which have to beimplemented so that the vulnerabilities on those critical assetsare not exploited and then penetrationtesting on relay nodes application control usb restrictionin parallel with role-based accesscontrol or zoning the network and building secure conduit itselfafter we have all this ready and we have capabilities built into the organizationto handle ot and iot security is whenit’s the right time to introduce intrusion detection systems or advancedintrusion detection systems to detect threats and anomalies and also help with threat remediation uh programsin case there are any uh threats which occur and also ot sock uh building an ot and aniot sock which helps inuh monitoring or providing an eyes on glass for any threat alerts that occur and then uh would be the firewall jx anywsus that is windows system upgrade server setup or ccm server setup andmanaging theseupdates or patches and also creating a complete backup and restore strategy so that in case there is a ransomware attack we already have the critical data backed up and we can bring back the production or the shop floor or an iot environment tobring back bring it back to production within our lesson less than no time

Audio Transcript uh some of the typical problems in the next few slides what I’m going to do I’m going to take you through some of the typical problems that we see that csos or ot security experts are facing all the way from systems like SCADA or HMIs being run on outdated softwareslike windows 7 or windows xp and alsointernet explorer being used andunpatched applications being used onthese machines which can bea path for the attacker toenter and the antivirus running on itcan be outdated and the machine usingnetwork protocols which are outdated aswell so this can be exploited with atailorized attack right so if theattacker knows what are the applicationsor the devices that are present in anetwork environment byfollowing different methods like scansoreven trying brute force atoms andgetting into the network and the can he or she can use a combinationof these weaknesses to gain access tothe machines and the this can be treatedbyintroducing different parts to the otand iot security program which canprevent such attacks from happening andthe complexity of the attack is mediumto high but we’ve seen that attackersare using these methods to get into anetwork environment

Audio Transcript a quick introduction about sectrio sosecrio is a division within subex and wehave industries broadest range of i.tics cada or ot and iot securitycapabilities all the way from providingyoua complete asset visibility uh helpingyou with vulnerability managementvirtual network zoningthreat detection using both machinelearning and also signature baseddetection as well andwe have one of the world’s largestrepository of threat intelligencein the ot and iot space which allowsus to detectthe threats really early in the attackkill chain andpreventing the infection itself and wedon’t stop at detection but we help withremediation so we have built-inplaybooks uh into the um module or the sector suite which willhelp with the remediation as wellso we have um we have our headquartersin denver colorado usa and we haveoffices around the world in europemiddle east and asean and indiawe have dedicated solutions for iot icsand 5g cyber security andweour unique proposition that we bring inis the vastrange of threat intelligence we have 75000 signatures that were specificallywritten to detect ot and iot threatstoday we protect more than 10 milliondevices from cyber attacks and we havebeen awarded multiple awards for theinnovation in the space ofiot and ot cyber securitytogether with this solution suite wealso have complementing services so wedo help our partners and our customersin provide getting the value of theseservices around risk assessment gapanalysis a review of legacydevices usb restriction or mediarestrictionand in case of iotmanaging policies and procedures to meetthe changing requirements uh withrespect to different uh parts ofdifferent countries and all all of thisis packaged together into the solutionitself so we are one integrated cybersecurity solution provider who help youwithdiscovery of assets mitigation of risksdetection of threats and remediation ofthreat

Audio Transcript so the four modules are vulnerability management module network segmentation module threat management module and the threat intelligence module and uhlike i said on the previous slide it can be each of these modules can be used torun separate exercises as well so we canrun audits to help with providing risk assessment and gap analysis and we can introduce the network segmentation module to build a complete network topology and help with any kind ofnetwork access control capabilities and also protecting against any attacks which use wireless connections as welland the threat management module uhcomes with 75 000 signatures which help with detection of known threats and for any advanced persistent threats we have a heuristic layer which we have built which stitches different network packets together and applies rules to detect any advanced persistent threats and we also baseline what is going on on the network we baseline the asset behavior the network behavior and any anomalies that we see on the networkis immediately reported as part of the threat management module as well and the good part is in the ot uh environment or the operational ltechnology environment the solution is completely agentless and uh no impact whatsoever to the network environment and we bring in the latest threat intelligence both local and global threat intelligence into the threatmanagement model which helps with faster detection and faster recovery as wellour threat management module is built inline with the miter attack enterprise and the miter attack ics framework andthis helps infaster remediation as well because atany given point a net security analyst or a manager knows what the attacker is doing on the network and what should be the corrective action to contain the attack and also recover from that attack as well

Audio Transcript so how are leading businesses uh meeting their cyber security requirements um in the ot and IoT space so I’ll take you through a few customer use cases right next is with one of the oil and gas companies where we have again implemented the threat management module they had a really good ide security program which used uh an siem solution and they were monitoring the uh the ideal environment uh what we did was we introduced uh the continuous monitoring their OT and their process CCTV and IoT environment as well and we integrated all the threat alerts into their existing siem and before we introduce the solutions we ran a complete risk assessment and a gap analysis and created an integrated environment where our security suite integrated with their backup and restore or with their patch management tool or privilege access management or the ad servers so we created a complete integrated module this only enhanced their capabilities of detection of threats and also had them in getting a better ROI on already existing security solutions as well so this with the combination of custom playbooks which help them with faster

Audio Transcript so how are leading businesses uh meeting their cyber security requirements um in the OT-IoT space so i’ll take you through a few customer use cases right uh firstly in themedical IoT space so what we’ve done is we have installed our solutions in the medical IoT or the healthcare segments in UAE and what it’s doing for the customer is helping them build an asset registry and risk registry and helping them build and this solution is deployed completely on-prem so even the privacy of the data is uh managed uh using the sector suite and we have both passive ways and up smart probing which allows to create a complete asset registry with attribute information captured and also identity context and risks and the solution itself is protocol independent irrespective of whether legacy protocols are being used or OEM-specific protocols are being used we have built adapters uh which have which has helped the customers covering all the assets from OT to IT-IoT ide as well and provided them complete registry of what are the assets connected and what are the risks existing on those assets

Audio Transcript we have also seen weak passwords this is some this is a common issue that we have seen that default passwords are being used and this is an easy entry point the complexity of the attack itself is very low and the potential cause of the attack is or the impact is very very high and this is where we would bring in cyber security experts and help with designing a policy which would help in changing passwords orcreatingspecificrules and setting up passwords and managing these passwords using active directory or a privilege access management tools or identity and access management tools different ways that the this challenge can be resolved

Audio Transcript so how are leading businesses uh meeting their cyber security requirements um in the OTand IoT space. I’ll take you through a few customer use cases and we also have implemented solutions in large-scale industrial smart cities where we have been able to provide them a complete solution they have used the solution in their command and control center and this solution being agentless is zero impact and they’ve aggregated data from different industrial networks and different uh grid supports into one single environment where we are monitoring the traffic for them and uh even here we’ve demonstrated uh segregation unbiased on crown jewels or critical assets which have to be monitored with uh stricter policies and we have automated this monitoring and the response for their IoT and OT threads

Audio Transcript similarly segmentation the entry path to ot or iot uh attacks are usually id and how do we segregate the it network from the ot or the IoT network that is also an important piece and we’ll have to establish uh an authenticated network path and there has to be a machine which monitors and this machine should be owned by the security organization in managing the connectivity between ide and the ot or the IoT environment this is where webring in our network segmentation solution which and which can also bring in micro-segmentation and allow uh building secure uh zones and conduits between those zones to make sure that there is no lateral movement of the attack and also this uh solutions can help in building baselines to smart spot any anomalies or configuration changes or tag changes within the network environment itself

Audio Transcript so how are leading businesses uh meeting their cyber security requirements um in the OT-IoT space so I’ll take you through a few uh a customer use cases what we have also built-in is a solution stack which can be deployed in shipping vessels so this is which is the international maritime organization has recommended that there is a security there has to be an OT and IoT security solution which is part of the vessel and is monitoring any connections oversight Satcom or over uh nearshore uh 2g 3g 4gnetwork so we have built a very lightweight solution which also supports uphold and forward kind of technology which is helping these bezels in monitoring threats both when they are on sale and also when they are near shore as well and uh this lightweight solution has also helped in deploying the solutions solutions within a week’s time and meeting aggressive timelines because these vessels come on shore only for a week or 10 days and we have been able to deploy the solution do all necessary checks and allow them to sail back again with a cyber secured system