Security in the Operational Technology (OT) domain is a wide, wild landscape. Many of the risks belong to the category of ‘unknown unknowns’, and companies and states are combatting an ongoing flood of attacks driven by sophisticated cybercriminals and nation-state threat actors. Dealing with such events requires more than a dedicated Security Operations Center (SOC); it requires hands-on training and learning by doing. An increasingly popular way of testing in a controlled manner is Red Teaming.
Red Teaming in the Operational Technology domain is significantly different from Red Teaming against traditional enterprises. First and foremost, risk to the operation in an OT network is unacceptable. The Red Team therefore has to adhere to the highest standards to make sure you have an optimal learning experience with minimal risk.
For example, initial access to the IT domain can be obtained with traditional Red Teaming techniques, but once access to the OT domain has been realised, the focus shifts increasingly away from a real attack simulation and towards collaboration with the Blue Team to ensure the continued operation of the network.
- OT Threat Landscape
- What is Red Teaming
- Red Teaming in the Operational Technology domain
- Modus Operandi
- Scenario Examples
- (OT) Information Security Professionals
- Risk and Compliance personnel