Traditional security offers a castle-and-moat or perimeter approach to assess whether connections are trustworthy and should be given access, but the current industrial control systems (ICS) ecosystem requires a different approach. Zero Trust reminds us that the information security perimeter never really existed. The pace of attacks, and ubiquity of IIoT is forcing us to improve our cyber-resilience quickly. This talk addresses how to bring Zero Trust to the ICS world: the benefits, the challenges, architectural constraints, planning and sizing the effort, success criteria, and future evolution. We will present a model for Zero Trust success, revealing how to integrate it with cybersecurity policies and procedures, set new requirements for vendors, align reporting and metrics, and properly use MSPs for ongoing trustworthiness.
- Hear practical steps to take towards a comprehensive, integrated information security program covering all intelligent devices, sensors, and networks within and beyond the enterprise.
- Understand how ICS teams can work with their IT counterparts on cybersecurity measures – risk assessment, appropriate countermeasures, and architectural assumptions.
- Discover how technology leaders can better align the goals and effectiveness of enterprise detection, mitigation, and response to cyberthreats across their IT infrastructure.
