Patch Management and Software Updates: IT versus OT

Craig and Dino dig into the differences and nuances of patch management and software updates comparing IT versus Operational Technology (OT) environments. 

They explore the distinct challenges that OT systems face with software updates, and risks associated with patch management, including potential operational disruptions and risks of downtime. 

They discuss the importance of IT understanding the OT risks and challenges of updating software and implementing patches to ICS and OT equipment.

The conversation highlights innovative solutions like virtual patching, the role of OEMs, and the critical need for a strategic, collaborative approach to cybersecurity in industrial settings.

Chapters:

• 00:00:00 - Introduction to Patching Challenges
• 00:01:08 - IT vs OT Patching: Key Differences
• 00:02:55 - Understanding the Cost of Downtime in OT
• 00:03:32 - Overcoming Challenges with Legacy Systems
• 00:05:21 - Navigating OEMs and Safety Concerns
• 00:06:45 - The Role of Safety in OT Patching
• 00:08:52 - Exploring Virtual Patching Solutions
• 00:13:11 - Enhancing Vendor Collaboration and Risk Management
• 00:16:48 - Impact of Mergers and Acquisitions on Cybersecurity
• 00:18:33 - Addressing Insurance and Compliance Issues
• 00:20:12 - Significant Consequences of Not Patching
• 00:23:14 - Building an Effective Collaborative Cybersecurity Strategy
• 00:24:03 - Conclusion and Actionable Insights

Links And Resources:

• Velta Technology
• Dino Busalachi on LinkedIn
• Jim Cook on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, YouTube, and Google Podcasts to leave us a review!