OT defenders may be experienced in the preparation for and response to industrial incidents such as fire, loss of containment, and other hazardous situations that can arise in industrial facilities. However, few OT defenders have the same level of training and experience in cybersecurity incident response in industrial environments.
This whitepaper is divided into two main sections. It first provides an overview of Incident Response (IR) and Incident Management (IM) as well as the distinction between IT and OT IR concepts. Each phase of the Incident Response process is analyzed, and key differences highlighted. The second part of this whitepaper focuses on specific preparations operators and OT Incident Responders should perform to be effective when a response case is triggered. Appendices to this whitepaper provide material practitioners and managers can use to support the build-up and validation of IR procedures and effective foundations for IR activities.
Interested in learning more? Request a demo from Dragos here.