Loading...
Speakers
David Meltzer
Chief Research Officer, Vice President of Corporate Development
Tripwire
United States

Biography

David Meltzer is a security industry pioneer bringing a unique blend of technical expertise, entrepreneurial skill and market vision to his current position as Tripwire's Chief Research Officer and Vice President of Corporate Development. David joined Tripwire through its acquisition of nCircle, where he served as Chief Technology Officer and Vice President of Engineering. Immediately prior to joining nCircle, David was Founder and Chief Technology officer at Cambia Security, where he pioneered the industry’s first agentless configuration compliance auditing solution. A respected security researcher who founded the industry’s first security vulnerability research group, the ISS X-Force, David is credited with the discovery of numerous security vulnerabilities. He holds a B.S. in Computer Science from Carnegie Mellon University.

Title

Reconciling IT and OT Security

Synopsis

Industrial control systems (ICS) were designed to operate for years or sometimes decades without interruption. This level of reliability and resiliency is inconceivable in the IT world, where security procedures involve regular updates, reboots and downtime. Today, the Internet of Things is interconnecting ICS devices, forcing a fast, large-scale convergence of information technology (IT) and operational technology (OT) – but at what cost?

Recent reports show vulnerabilities and cyber-attacks targeting industrial devices have increased dramatically. These factors leave both teams no choice but to reconcile two distinctive sets of goals and objectives.

Using real-world scenarios of disruption caused by the collision between IT and OT infrastructure, this presentation will cover:
  • Why OT professionals are rightfully concerned about applying traditional IT security into their environments.
  • Tools OT and IT professionals can use to communicate more effectively about security and resiliency.
  • Practical advice for addressing cybersecurity concerns without jeopardizing availability or reliability.