Operational Technology Intrusion Detection Systems (OT IDS) add value by raising alerts for suspicious patterns of network traffic, but these systems also impair security when deployed incorrectly. This is because all OT IDS sensor appliances have at least two network ports: one port is connected to a mirror or SPAN port on a managed OT switch, and another is a conventional management port for remote access and for reporting alerts to a Security Information and Event Management (SIEM) system.
Andrew Ginter is the VP Industrial Security at Waterfall Security Solutions
At Waterfall, Andrew leads a team of experts who work with the world’s most secure industrial sites. He is author of two books on industrial security, a co-author of the Industrial Internet Consortium’s Security Framework, and the co-host of the Industrial Security Podcast. Andrew spent 35 years designing SCADA system products for Hewlett Packard, IT/OT connectivity products for Agilent Technologies, and OT/ICS security products for Industrial Defender and Waterfall Security Solutions.