IoT and OT: Owning the risk on someone else's assets: Best practices for approaching IoT cyber risk

Wednesday 27 November, 3:50 pm - 4:30 pm

Speakers

Leon Poggioli

ANZ Regional Director
Claroty

Synopsis

In the evolving landscape of cyber threats, managing IT cyber risk is a well-defined process. Organisations with Operational Technology (OT) networks have honed their strategies to elevate OT cyber maturity to a commendable level. However, a significant gap remains in the understanding and management of cyber risk within Internet of Things (IoT) infrastructures. These infrastructures can be as varied as CCTV systems, HVAC controls, Building Management Systems, and point-of-sale terminals.

In this presentation, Leon Poggioli dives into the complexities of securing OT environments and translates those hard-earned lessons to the realm of IoT. He will draw upon lessons learned from securing OT infrastructure to show how organisations can apply these principles to improve the security of their entire cyber-physical systems.

Specifically, Leon will address the following topics:

  • Understanding the unique challenges of IoT and OT cyber risk and the current state of OT Security
  • Leveraging principles from OT cyber risk management to secure cyber-physical systems: Applying established principles from OT cyber risk management, such as network segmentation and real-time monitoring, to enhance the security of cyber-physical systems.
  • Identifying diverse IoT infrastructure components such as CCTV, HVAC, Building Management Systems, and Point of Sale: Cataloguing and assessing various IoT infrastructure components, including CCTV systems, HVAC units, Building Management Systems, and Point of Sale terminals.
  • Best practices for approaching IoT cyber risk: Implementing industry-standard best practices tailored to address IoT cyber risk, including risk assessment, vulnerability management, continuous monitoring, and deployment of advanced security technologies.
  • Highlighting the importance of taking ownership of cyber risk on someone else's assets: Emphasising the critical need for stakeholders to assume responsibility for managing cyber risks associated with third-party IoT assets, including establishing clear accountability and robust contractual agreements.

Acknowledgement of Country

We acknowledge the traditional owners and custodians of country throughout Australia and acknowledge their continuing connection to land, waters and community. We pay our respects to the people, the cultures and the elders past, present and emerging.
