Over the last few years, OT cybersecurity industry professionals have spent countless hours debating active versus passive network detection for OT asset inventory collection. However, this is not the right conversation. Though network detection can provide some visibility into ICS assets, the view provided by network detection tools is limited at best, and typically cannot collect detailed information on device configuration.
If your OT cybersecurity strategy conversations today are focused on the relative merits of using passive vs active network detection for inventory and configuration data collection, it’s time to change the conversation beyond this narrow focus. It’s time to talk about protecting OT assets within the broader framework of OT asset management.
OT asset management includes inventory management, configuration management, vulnerability management, and the detection of unauthorized changes. When compared to network detection, OT asset management provides much deeper visibility into industrial assets – all the way down to the field instrument and control strategy level – without the risk associated with active polling of the devices. OT asset management is also able to deliver the depth and breadth of information that cybersecurity professionals, as well as control system engineers, need to secure ICS assets effectively. This includes information such as control strategies and authorized versus unauthorized changes that OT network detection tools simply can’t provide.
In this session: