11-23, 16:15–16:55 (Europe/Vienna), Track 1 (Dachssal)
In an era where industrial systems are increasingly targeted by sophisticated cyber threats, understanding how these attacks take place and how to defend against these attacks is crucial. This presentation will provide an in-depth look at Red Team operations within Operational Technology (OT) environments, such as factories and power plants.
We will begin by outlining the fundamental differences between OT and IT security, highlighting the unique challenges and vulnerabilities present in OT systems. This foundational knowledge sets the stage for a deeper exploration of the current threat landscape within OT environments.
The core of the presentation will focus on real-world case studies from our Red Team assessments. We will walk you through the methodologies we use to simulate real attacker behaviours, from initial infiltration to identifying critical vulnerabilities, all while ensuring minimal disruption to operational processes.
Agenda:
- Introduction: Overview of Operational Technology (OT) and Red Teaming
- Distinguishing IT from OT: Key Differences and Implications
- Current Threat Landscape: Emerging Threats and Vulnerabilities in OT
- Red Team Operations in OT Environments: Strategies, Tools, and Techniques
- Case Studies: Real-world Examples and Lessons Learned
Sarah is a Senior Consultant at NVISO, with a focus on Red Team Assessments. Complementing her cybersecurity experience, she has developed proficiency in Operational Technology (OT) assessments and continues to specialize further in this area.
She possesses a Master's degree in Applied IT Security, which has been enriched by her diverse experiences in cybersecurity roles across various companies.
In addition to her professional work, Sarah is dedicated to contributing to the community by leading workshops and delivering presentations at international industry conferences.