To Patch or Not to Patch OT— A Risk Management Decision
RSA Conference 2024 · Track Session
In the critical realm of Operational Technology (OT), the decision to implement security patches is far more complex than in traditional IT environments. This talk, delivered by Omak Hayman of Rockwell Automation at RSAC 2024, delves into the unique challenges and imperative considerations surrounding **patch management** in **industrial control systems (ICS)**. Hayman argues that patching in OT must be approached not merely as a technical task, but as a comprehensive **risk management decision**, carefully weighing the potential impacts of vulnerabilities against the risks of system downtime or instability introduced by patching.