Network as Sensor: OT- and IT-Network Detection & Response

16/10/2024
Damovo News

Expert presentation at it-sa 2024 by Stefan Ilchmann, Group Practice Lead Enterprise Networks at Damovo

Damovo is represented at it-sa with three expert presentations that address key topics in IT security. Each presentation offers practical information and solutions that companies can directly incorporate into their security strategies.

In his presentation, Stefan Ilchmann, Group Practice Lead Enterprise Networks at Damovo, will discuss how to secure OT end devices, since these sensors and actuators in machines are increasingly being targeted. The presentation is aimed at decision-makers and managers in the fields of production, logistics, automation, and energy and water supply, and will highlight practical solutions for monitoring OT devices.

We asked Stefan a few questions in advance about the most important aspects of the presentation.

Please introduce yourself and your role at Damovo.

My name is Stefan Ilchmann. I have been working internationally for leading companies in the enterprise networks industry for 32 years and have successfully held various positions in R&D, product management, sales and strategy. I have been part of the Damovo team for 7 years and am currently responsible for the ‘Group Practice Lead Enterprise Networks’ area. My focus is on advising companies on digital business transformation and developing new services for Damovo in close cooperation with our partners.

What challenges do you currently see in the area of cybersecurity that you would like to address in your presentation?

In my presentation, I will focus in particular on the topic of OT detection & response, which, in my view, has not yet received sufficient attention in the context of cybersecurity. In the IT sector, it is now taken for granted that endpoints are secured, as these are a typical gateway for cybersecurity threats and often at the beginning of a kill chain. However, just like IT end devices, OT end devices, i.e. sensors and actuators in machines, are also at risk of becoming targets.

Who is your presentation aimed at in the first instance?

The presentation is aimed primarily at decision-makers and managers in the industrial environment of production, logistics and automation technology, but also at companies in the energy and water supply sector.

What can participants take away from your talk that will really help them in their day-to-day work?

I will be highlighting key learnings from current projects. In one of these, we used IP-based customer networks as a cybersecurity sensor to monitor typical OT devices such as programmable logic controllers (PLCs) particularly efficiently. So it’s a network detection and response (NDR) solution.

Such devices from the OT or IoT environment are often provided and maintained by external partner companies. In most cases, no security clients are available for these devices and it is not uncommon for these devices not to receive regular security updates. This means that, as part of a security concept, OT end devices must be considered a potential threat and monitored by the network in line with a zero trust approach.

How do you think cybersecurity will develop in the next few years? What trends do you see?

Cybersecurity will continue to grow in importance. With the advent of AI, the threat situation will intensify once again because attacks will become even more intelligent and their scope will increase significantly due to automation. At the same time, however, AI can help to develop and implement effective defence mechanisms. It is important to stay on the ball here.

Information at a glance

When: Thursday, 24 October 2024, 1:30–1:45 p.m.

Where: Cisco stand, hall 7A, stand 504