I am thrilled to submit ExxonMobil’s session, "Journey to an OT SOC: Case Studies from Expanding Visibility" where I plan to dive into the hard lessons learned during the establishment of a OT Security Operations Center capability at ExxonMobil. Here's a summation of the key takeaways: We tried to address the critical need for aligning OT and IT in the cybersecurity realm while getting quick wins. Discussed the journey of creating a SOC capability tailored for OT environments. Explored the challenges faced, what tailoring, including technology integration, skillset requirements, and the development of specialized site / assets knowledge. Presented practical case studies highlighting summarized incidents the team worked on that shaped our approach to OT cybersecurity. I will share our insights into incident response strategies and the importance of continuous improvement in the face of evolving threats. I will outline strategies for fostering collaboration between OT and IT teams to enhance overall organizational preparedness. Discussed the role of threat intelligence, monitoring, and incident response in mitigating potential risks. Shared our commitment to continuous improvement, adapting to emerging threats, and refining our OT cybersecurity strategies.
The journey to fortify OT cybersecurity requires a proactive approach, collaboration, and a commitment to learning from both successes and challenges. I will have key takeaways for OEMs and for Asset owners. We hope the insights shared during my session contribute to all the members ongoing efforts in securing critical infrastructure.
SANS ICS Security Summit 2024
Journey to an OT SOC: Case Studies from Expanding Visibility
Blake Gilson, Industrial Cybersecurity Ops Manager, ExxonMobil
View upcoming Summits: http://www.sans.org/u/DuS