Title: “OT SOC – use cases and opportunities for SOAR”
Automation in the OT space is typically a non-starter when security leaders approach the topic with business area stakeholders. However, when we approach the topic from an operations and safety perspective and highlight how automation is already happening in day-to-day operations, the conversation becomes a little easier to accept. Building trust with stakeholders, testing automations in a near-production-like lab environment, and building human-in-the-loop automations are some of the first steps toward automating security functions in your OT environment.
Trevor Houck is a Senior Manager within Accenture Security. He joined Accenture in April 2020 via Accenture’s acquisition of Revolutionary Security, where he was a Senior Security Consultant and led strategy for OT Network Defense Services.
Trevor is currently leading efforts at a major industrial client to build a dedicated OT SOC and supporting functions to protect the client from cybersecurity threats in their various operational environments. The team has helped the client achieve monitoring and response maturity in their OT environments through baseline assessments, strategic planning, foundational process creation, a SIEM strategy that included customized alerting for the operational context, and OT-specific cybersecurity training for analysts and operators. These efforts have culminated in a dedicated OT SOC that was focused on the cybersecurity operations in the OT environments, while also considering reliability and efficiency concerns.