
Patrice Bock

Customer Success Manager, Sentryo

Patrice Bock has worked as a consultant since 2005, and previously worked for HP for 9 years in the field of manufacturing and systems integration.

Since 2011, Patrice has been working in the field of IACS (OT - industrial systems) cybersecurity, and is a member of the ISA 99 workgroup. He has worked in various industrial sectors, including energy (nuclear & conventional), water distribution, transportation, chemical, oil & gas... Mr Bock is a contributor to several French national work groups, has published a dozen articles, is co-author of the reference book "La cybersécurité des systèmes industriels" (publisher Cepadues, 2015, in French) and is the lead author of the March-April 2017 InTech article “A standards based, forensic analysis of the Ukrainian Power grid cyber-attack” that uses ISA/IEC 62443-3-3 as a benchmark.

In 2016 Patrice Bock joined Sentryo, a leading OT network integrity and cybersecurity solution provider, where he works as an expert on IACS cybersecurity and is in charge of supporting customers and partners during the setup, test, ramp-up and support phases.

Combining IT and OT security monitoring to prevent cyberattacks

Industrial Control Systems Cyber Security

Abstract: By configuring and connecting an OT Security Monitoring solution (such as Sentryo ICS CyberVision) and IT-dedicated systems (such as host and firewall logs centralized in IBM QRadar or RSA NetWitness), it is possible to correlate IT and OT events and raise alerts when suspicious activity is detected both in the IT office environment and on the shopfloor at IACS level.

The presentation will use the December 2015 Ukrainian cyber-attack on electrical distribution:

  • the Ukrainian cyber-attack will be quickly summarized: we will refer the audience to the March-April issue of InTech, where we provide a much more detailed analysis of the cyber-attack, using ISA/IEC 62443-3-3 as a benchmark, evaluating the Ukrainian distributor's SL-A at the time of the attack, and estimating the SL-T needed to prevent the cyber-attack. As this presentation takes at least 1h and is rather technical, we will only refer to the article and the key take-aways, letting interested parties fetch a copy of InTech for further reading
  • a proof-of-concept has been done with IT and OT N-IDS integrated and correlated into an actual SIEM platform: we will show that, technically, this is rather easy to do
  • take-aways will be highlighted about the ways to integrate IT & OT teams and processes: we will explain that this is the actual challenge
