Sign up to save your podcasts
Or
Share IT SOC vs OT SOC How & Why They’re Different
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
IT SOC vs OT SOC How & Why They’re Different
Craig and Dino tackle the critical differences between IT and OT Security Operations Centers, revealing why traditional IT-centric SOCs are failing to protect manufacturing environments.
Drawing from real-world examples, including a global beverage company that discovered they were only monitoring one-third of their OT assets, the hosts expose the fundamental disconnect between IT security teams and operational technology environments.
They discuss why IT SOCs struggle with OT visibility, the challenges of asset inventory in dynamic manufacturing environments, and the critical importance of localization in security operations.
The conversation covers practical barriers like line changeovers, PLC modifications, remote access vulnerabilities, and the need for OT-specific incident response protocols.
Craig and Dino emphasize that effective OT security requires IT teams to become embedded in plant operations, working collaboratively with OEMs and system integrators, and understanding the unique operational context of manufacturing assets.
This episode is essential listening for CISOs, plant managers, and security professionals trying to bridge the IT-OT security gap.
Chapters:
- (00:00:00) - The Two-Thirds Problem: When Your SOC Can't See Your Plant Floor
- (00:01:00) - The OT SOC Asset Visibility Problem: A Case Study
- (00:03:00) - Why IT SOCs Can't Manage OT Assets
- (00:05:00) - Line Changeovers and Operational Context
- (00:07:00) - First Responders and Incident Response Challenges
- (00:10:00) - The WannaCry Response Gap
- (00:12:00) - Asset Inventory and Baseline Challenges
- (00:15:00) - Incident Response and Phone Trees
- (00:17:00) - Organizational Accountability Problems
- (00:19:00) - Greenfield Opportunities and Standardization
- (00:22:00) - The IT-OT Collaboration Challenge
- (00:24:00) - Think Global, Act Local: Embedding IT in Plants
Links And Resources:
- Want to Sponsor an episode or be a Guest? Reach out here.
- Industrial Cybersecurity Insider on LinkedIn
- Cybersecurity & Digital Safety on LinkedIn
- BW Design Group Cybersecurity
- Dino Busalachi on LinkedIn
- Craig Duckworth on LinkedIn
Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!
View all episodes
By Industrial Cybersecurity InsiderCraig and Dino tackle the critical differences between IT and OT Security Operations Centers, revealing why traditional IT-centric SOCs are failing to protect manufacturing environments.
Drawing from real-world examples, including a global beverage company that discovered they were only monitoring one-third of their OT assets, the hosts expose the fundamental disconnect between IT security teams and operational technology environments.
They discuss why IT SOCs struggle with OT visibility, the challenges of asset inventory in dynamic manufacturing environments, and the critical importance of localization in security operations.
The conversation covers practical barriers like line changeovers, PLC modifications, remote access vulnerabilities, and the need for OT-specific incident response protocols.
Craig and Dino emphasize that effective OT security requires IT teams to become embedded in plant operations, working collaboratively with OEMs and system integrators, and understanding the unique operational context of manufacturing assets.
This episode is essential listening for CISOs, plant managers, and security professionals trying to bridge the IT-OT security gap.
Chapters:
- (00:00:00) - The Two-Thirds Problem: When Your SOC Can't See Your Plant Floor
- (00:01:00) - The OT SOC Asset Visibility Problem: A Case Study
- (00:03:00) - Why IT SOCs Can't Manage OT Assets
- (00:05:00) - Line Changeovers and Operational Context
- (00:07:00) - First Responders and Incident Response Challenges
- (00:10:00) - The WannaCry Response Gap
- (00:12:00) - Asset Inventory and Baseline Challenges
- (00:15:00) - Incident Response and Phone Trees
- (00:17:00) - Organizational Accountability Problems
- (00:19:00) - Greenfield Opportunities and Standardization
- (00:22:00) - The IT-OT Collaboration Challenge
- (00:24:00) - Think Global, Act Local: Embedding IT in Plants
Links And Resources:
- Want to Sponsor an episode or be a Guest? Reach out here.
- Industrial Cybersecurity Insider on LinkedIn
- Cybersecurity & Digital Safety on LinkedIn
- BW Design Group Cybersecurity
- Dino Busalachi on LinkedIn
- Craig Duckworth on LinkedIn
Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!