At Claroty, we believe the best industrial cyber-defense strategy is to present a unified front against threats to IT and OT assets by establishing a converged security operations center (SOC) that protects these once separate technology environments in a holistic manner.
Based on Claroty’s experience guiding industrial enterprises across the globe successfully through this journey, we have identified five essential steps for establishing a converged IT/OT SOC that have proven instrumental in optimizing the efficacy, efficiency, and implementation time:
Appoint a designated IT/OT cybersecurity program manager
Achieve optimal alignment with existing cybersecurity capabilities
Gain visibility into IT and OT security alerts within the OT environment
Designate a cybersecurity site leader (CSL) for each OT site
Establish a PSIRT tasked with handling standard operating procedures (SOPs)
This white paper details the benefits of a converged IT/OT SOC, offers tips for attaining executive buy-in, and provides security leaders with guidance in completing the five steps listed above.
