EP 28: Why Mapping IT Security to OT Networks Doesn’t Always Work

The Purdue Model used in OT is essentially network security from the 1990s. New threats and new tech however required us to rethink that on the network side so how do we bring that new thinking to work with legacy OT systems? John Taylor of Versa Networks explains how there's a lot of implicit trust in the IoT and OT devices themselves, yet they don't have antivirus. Or firewalls. Worse, you're basically depending on the manufacturer of that device to provide security updates if necessary, and oftentimes they don't. Perhaps it’s time for a new approach such as SASE or secure access service edge.