Safeguarding the Industrial Frontier: OT SOC & Incident Response

Adam Robbie

DEF CON 33 · Day 1 · Main Stage

This talk delves into the critical and often overlooked realm of Operational Technology (OT) security, specifically focusing on the establishment and operation of an **OT Security Operations Center (SOC)** and effective **incident response** strategies. Given by Adam Robbie and a colleague identified as Joe during the discussion, the presentation exposes the stark realities and unique challenges faced when securing industrial control systems (ICS), SCADA, and other OT environments. Unlike the rapidly evolving IT landscape, OT systems are characterized by incredibly long lifespans, legacy hardware, and a foundational lack of security-centric design, making traditional IT security approaches largely ineffective or impractical.

AI review

Competent OT security practitioners sharing hard-won operational experience — the Ukraine power grid angle and the SOC integration model are the genuine highlights. But this is practitioner war-story territory, not novel research, and the technical content rarely goes deeper than what's been circulating in ICS security circles for the better part of a decade.
