Talk OT to Me

The conversation delves into the complexities of identity management for IT and OT, emphasizing the need for separate identity management to address different requirements and risks. It also highlights the importance of network segmentation, access control, and auditing for securing OT environments. Additionally, the human factor is identified as a significant vulnerability in cybersecurity, emphasizing the need for training and awareness. The practical approach to identity management is discussed, considering the cost and resources involved in implementation.TakeawaysIdentity management for IT and OT should be separated to address the different requirements and risks.Network segmentation and access control are crucial for securing OT environments.The human factor is a significant vulnerability in cybersecurity, and training and awareness are essential for mitigating risks.

The ManuSec Europe 2026 and S4x26 conferences provided valuable insights into the current state and future of OT security. Key themes included the rise of remote access, compliance standards, trust, AI, pen testing, and the need to validate humanity in the context of cybersecurity. These themes shed light on the challenges and opportunities in the OT security landscape. In this episode, Jesper and guest Jeffrey discuss their takeaways from being present in those conferences.

The conversation delves into the historical relationship between OT and IT, the challenges of integration, and the crucial role of leadership and personnel in bridging the gap. It also highlights the responsibility of vendors in providing tools that facilitate collaboration and the need for a shift towards a more collaborative and friendly relationship between OT and IT.TakeawaysOT and IT have historically been frenemies, but are moving towards a more collaborative and friendly relationship.Leadership, personnel, and strategic team-building are crucial in bridging the gap between OT and IT.Chapters00:00 Introduction and Background05:03 Challenges of IT-OT Integration34:06 Tooling and Vendor Responsibility

The conversation covers the critical importance of OT security, the differences between OT and IT security, real-world impacts of OT security breaches, the significance and impact of OT security, challenges in OT and IT security collaboration, the maturity of OT security in Europe vs. the US, and the influence of insurance companies on OT security. It also discusses the impact of COVID-19 on OT security, standards and compliance in OT security, European OT security regulations and their impact on the US, and the descriptive vs. proscriptive nature of frameworks in OT security.Chapters00:00 Introduction07:10 Real-world Impact of OT Security Breaches13:35 OT and IT Security Concerns and Priorities20:24 OT as the New Frontier in Cybersecurity26:20 Standards and Compliance in OT Security31:28 Descriptive vs. Proscriptive Frameworks in OT Security