September 17 | 11:35am EDT | Virtual

The “Forgotten” OT/ICS Endpoints – How to Demonstrate Measurable Improvement in OT/IC Security

Firewalls are easy to misconfigure. While the security consequences of such errors may be acceptable for some firewalls connecting data and information networks, the accumulated risks of misconfigured firewalls in a defense-in-depth OT network architecture are generally unacceptable. We explore eight common mistakes that firewall administrators make and describe how these mistakes can compromise ICS network security. The lesson here though is not ‘stop making mistakes. ‘ The lesson is to choose appropriate technology for the need. We explore technology alternatives to ‘OT firewalls that eliminate the potential for online attacks as a result of misconfiguration.

John Livingston, CEO, Verve Industrial Protection


Tremendous gains are being achieved in industrial industries as we mature our cybersecurity programs in the OT portions of our infrastructures, however the attacks keep coming and are increasingly targeting our industrial processes. It is important for us to identify the right solutions to maintain secure and reliable operations in the face of determined threats.

Maintaining the integrity of our IT and OT technologies requires our security teams to keep doing the cybersecurity basics, but also requires us to spend our limited resources to make strategic investments in modern techniques and solutions created for OT. IT/OT convergence is not an effort to merge IT and OT, and we need to do more than just copy what we are doing in IT and paste it in OT.

This forum will explore various ICS topics through invited speakers while showcasing current capabilities available today. Presentations will focus on case-studies and thought leadership using specific examples relevant to the industry as we know it, ranging from:

  • IT/OT convergence, not IT/OT assimilation
  • Defensible perimeters between IT and OT
  • Governance and team strategies for OT
  • Secure remote access for employees and vendors
  • Enforcement boundary solutions to identify and contain attacks
  • Building and maintaining asset inventories

SANS Forum Registration

More info & registration

Learn More