OnDemand | Enhancing SecOps Efficiency: How to Bridge IT and OT Threat Detection & Response Against Threats like VOLTZITE
As threats to industrial environments rise, the digitalization of electric utilities, oil & gas, and manufacturing networks has blurred IT and OT boundaries, expanding the attack surface. Threat groups like VOLTZITE (overlaps with Volt Typhoon/Vanguard Panda) exploit this by pivoting through IT networks and exfiltrating specific OT data stored on assets adjacent to OT networks.
Security Operations Centers (SOCs) are now tasked with creating a unified view across IT and OT environments. By establishing foundational visibility, enhancing intelligence-driven threat detection and investigation, and coordinating incident response, SecOps teams can streamline workflows and strengthen security across both domains. This helps get ahead of emerging threats like VOLTZITE that demand collaboration between IT and OT teams, combining technologies to address the ever-evolving threat landscape.
Join the teams from Splunk and Dragos for a discussion on enhancing Security Operations to detect and respond to emerging threats like VOLTZITE, including:
- Foundational Visibility: Establishing a unified asset view across IT and OT for enhanced vulnerability management, threat detection, and incident response.
- Intel-Driven Threat Insights: Reduce false positives with OT-specific threat detection, providing actionable, risk-based alerts with in-depth context.
- Coordinated Response: Accelerate incident investigations and response through automation by utilizing relevant activity logs, timeline views, and ICS-specific response playbooks.
- Regulatory Compliance: Meet industry regulations like NERC CIP by bridging the IT-OT gap, improving collaboration, and reducing MTTR.