Forums it-sa Expo Knowledge Forum D

The importance of IT- and Product Cybersecurity for a holistic BCM approach

An integrated approach to IT security and product cybersecurity sets the stage for a holistic Business Continuity Management approach.

Tue, 22.10.2024, 16:45 - 17:00

On site

Forum, Booth 7A-106

Themes

  • Education and training
  • Awareness / Phishing / Fraud
  • Legislation, standards, regulations
  • Governance, Riskmanagement and Compliance
  • Industry 4.0 / IoT / Edge Computing
  • Managed Security Services / Hosting
  • Mobile Security
  • SIEM / Threat Analytics / SOC
  • Trend topic

Key Facts

  • Incident Response Management
  • Cyber Threat Intelligence
  • Security Operations Center

Event

This action is part of the event Forums it-sa Expo

Action description

Business Continuity Management is triggered not only by IT security but also by product security. Product cybersecurity supports BCM by ensuring that products are secure and resilient to cyber threats. This contributes significantly to maintaining uninterrupted business operations and protects the organization's product-related revenue streams from the many risks associated with cyberattacks and security incidents.
Unlike IT security, product security is a new topic for many industries and is gaining enough traction to be on every CEO’s agenda. For companies producing connected products, the EU Cyber Resilience Act (CRA) will define requirements addressing the cybersecurity of the product along the entire product lifetime. Soon enough, similar to a vehicle type approval, a CE certificate for a product will only be issued if the manufacturer of connected products can provide evidence that security requirements are implemented.
Security integration means comparing the approaches for IT security and product security and focusing on their overlaps and differences along specific security-related topics:
Incident Response Management (IRM): Incident response management in an IT environment is a structured approach to addressing and managing the aftermath of a security breach or cyber-attack. The goal is to handle the situation in a way that limits damage and reduces recovery time and costs.
IRM for products is a complex process to handle and mitigate security incidents that affect embedded electronic systems, such as electronic control units and connected services, or other digital components of the product.
Cyber Threat Intelligence (CTI): For IT systems, CTI starts with the collection of data from different sources. Sources can be open-source intelligence, data from technical sources (honeypots, network traffic analysis, etc.), human intelligence data (insights from cybersecurity researchers, threat analysts, and other professionals), dark web intelligence, or company-internal data (logs, alerts, and other data generated within the organization).
For products, CTI means dealing with complex ecosystems and a unique, product-specific threat landscape, for products such as vehicles with Advanced Driving Assistance Systems (ADAS) and autonomous mobile robots for last-mile delivery. For a product, building a CTI is quite cumbersome, and the issue of threat intelligence sharing is much more complex than for IT systems. In many cases, collaboration and the sharing of industry-specific information proprietary to the manufacturer are required. This results in establishing costly partnerships with cybersecurity firms, government agencies, and other stakeholders to build a CTI which is specific to a product.
Security Operations Center (SOC): The technologies of an IT SOC and a product SOC (PSOC) are adapted to the respective requirements and threats of the different environments.
The assets to protect in the IT environment are enterprise systems, admin networks and more. In contrast, the assets to protect for a product are the product itself, its moving parts and its operational components, which have a structured internal communication. An IT SOC uses general IT security tools, while a PSOC uses specialized solutions for the security of connected products. Unlike conventional IT environments, product data is compartmentalized across different parts and actors, each using its own communication method and protocol. Therefore, a special component needs to be integrated into the product to centralize and collect security-relevant data for analysis.
Conclusion
An integrated consulting and service approach for IT security and product cybersecurity sets the stage for establishing a holistic Business Continuity Management approach. Companies following this approach will ensure continuous operations of business activities, including the integrity and availability of their products at all times.

Language: English

Questions and Answers: No