On November 9 & 10th, 2017 ENCS organized the OT Monitoring Training. This training is part of the OT Security Monitoring project. Monitoring the security of operational technology systems, is crucial to detect vulnerabilities and incidents. This course teaches analysts responsible for monitoring how to use their tools. They learn what sensors and data-sources there are available to monitor operational technology systems, and their strengths and weaknesses. In hands-on exercises they learn how to interpret the data to filter out false positive, and analyze incidents.
Several ENCS members participated in this OT Monitoring Training that was held at the World Trade Center (WTC) at Schiphol Airport. Also delegates from our new members took part in the training. For them, it was a good opportunity to integrate quickly into the ENCS community.
Participants gathered to:
– Learn how to prioritize detection activities to counter security risks
– Learn to interpret security information available to identify vulnerabilities in OT systems, and define mitigations
– Learn to efficiently identify possible incidents in data sources available in the OT domain.
The training enables ENCS members also to share and build knowledge in securing OT Systems as the state of security differs from member to member/ country to country.
There was a dynamic discussion of topics such as the complexity of the asset inventory management, risks related to when long-time employees (20-30 years grid operators) leave utilities leading to a skills gap of steering and replacing legacy systems and security Incident and Event Monitoring (SIEM) Systems.
At the end of the OT security monitoring project, all ENCS members will benefit from a set of requirements for their future system procurement, guidance on the solutions on the market and guidelines on ongoing security monitoring and incident response. Ultimately, this will mean better protection for utilities and their customers.