In the past, ICS/OT networks were isolated, and they operated independently, using proprietary hardware, software, and communication protocols. But in recent years, as the boundaries between OT and IT networks continue to blur, leading to a higher risk of outside attacks, Vulnerability Assessment plays a vital role in identifying and validating gaps in security processes.
Gaining these insights on gaps and exposures through Vulnerability Assessment alone isn’t enough. Unless backed with a crucial compliance structure, Vulnerability Assessment by itself is inadequate in safeguarding the OT environment.
Compliance is an on-going process and, a wholesome compliance structure demands the incorporation of, external as well as internal regulations.
The purpose of this session is to enable a security practitioner with requisite information on ‘Security Compliance in the ICS environment’ and discuss Risk identification beyond VA/PT. Thus, in turn, help build a well-rounded security program.
Krishna Sashank is a Senior Cybersecurity consultant with EY and specializes in conducting security assessments for Critical Industrial environments such as Oil & Gas, Energy, Manufacturing, and Smart Cities.
He is an Electrical & Electronics Engineer with an MSc. in New & Renewable Energy from Durham University, UK.
Krishna Sashank is passionate about emerging digital technologies and believes in a research-based, people-centric approach to the digital transformation of Businesses.