The OT Security Academy

The Omny Retrospect of S4x24

Written by Omny | April 4, 2024

An S4 retrospect: What really happened at the premiere OT security event of the season? Check out the review from the attendees from Omny. 

S4 is known as THE place to be for OT and ICS Security enthusiasts. An annual conference, it draws attendees from across the globe, all of whom share an interest in solving some of the most complex cybersecurity challenges facing industry today. 

Omny was of course in attendance at the Miami-based event in March this year, with several of the company’s experts either on stage or eagerly absorbing and networking. Three of Omny’s participants, Tomomi Aoyama, Izabela Hawrylko, and Ian Fox, have shared their key takeaways, thoughts, and even wishes for the future of S4. Here’s a short re-cap of their S4 reflections:

Here’s a short re-cap of their S4 reflections

 

Tomomi Aoyama, Product Strategist

“S4 is a gathering of thought leaders in the OT security field – still a relatively small field. It was great to see advanced best practices and some experimental concepts that are now being applied in the field.”

 

Shared OT Security metrics to enable stakeholders

Q: What changes did you notice at S4x24? Where are you seeing increased maturity?

“The OT security industry has had years of discussions around vulnerability prioritization and risk scoring. One growth we see this year is this notion of shared, universal metrics. It is no longer enough to have an internal maturity scale in OT security anymore. We now acknowledge that there are wider stakeholders both internally and externally, outside of the OT security community, who must be able to compare OT security incidents and non-cyber incidents (apples and oranges) and enable executives to make the tough calls.”

Outreach to support the broader OT security needs

Q: Many topics were covered at S4, but was there anything you missed and hope to see next year?

“At S4, you really get this sense of community. We are all in the same boat together. But when we talk about OT security, we are only addressing the top of the pyramid, the largest companies who are putting this topic on the agenda. But as we know, industry is large and complex, and there are many companies at all levels of the pyramid that will require OT security support…and I hope that we work as a community to start addressing this broader need.”

 

Ian Fox, Security Researcher

“I really like the question asked during S4’s closing panel about which areas among NIST cybersecurity framework pillars (Identify, Protect, Detect, Respond, Recover, and newly added Governance) we, as in OT security, are over- and under-invested in. The consensus seems to be that we have put a lot into the area of detection right now, in terms of finding those vulnerabilities and risks, but less so on recovery, once a cyber-attack hits. This is definitely an area worth pursuing, and it’s inspired me to look for future project ideas on this topic.”

 

Applying IT security research to OT environments

Q: From your perspective as a security researcher, what did you find to be the most interesting topic(s)? 

“There were several talks about trying to make the code that runs in industrial environments more resilient, whether through static/dynamic analysis, runtime instrumentation, hardware that can catch invalid memory accesses, or some combination of those. I’ve always thought that kind of stuff was cool, so I’m excited to see it being adopted in the OT space and I think there are a lot of opportunities to take what’s been done in the IT security world with those techniques and apply them to OT environments.

“The other LLM (Large Learning Model) talk was also great, learning about how others are applying that technology to real problems was fascinating.”

Hope for Generative AI adaptation in OT security solutions

Q: What topics do you look forward to seeing more in the future?     

“LMs are definitely big news at the moment; it feels like there’s a new breakthrough with them every week. What I’m interested in going forward is seeing how well they can be used in production environments to solve real problems where things like reliability and resistance to attackers are big concerns.”

 

Izabela Hawrylko, Head of Partnerships and Channel Sales

“I think we’ve come a long way in the OT security world, but it’s clear that there’s still a long way to go. What I hope we discuss more of at S4 in the future is how to help CISOs release budget for OT security, better supporting them on rationale and importance of it for business continuity. Companies are aware of the need, but it’s still challenging to internalize it and allocate budget, and this is something that we as vendors need to help them with.”

Creation of a diverse and collaborative OT community

Q: For those considering to attend S4 in the future, what would you say is the best reason for going?

“It really is a great community, and in this community, everyone is willing to share knowledge and insight. This year there were a lot of new people in the OT space, as people are now coming in from different domains. There is a need for more experts in the OT security field, and so people are being recruited and S4 serves as a great part of their education.”

Impact of regulations and vulnerability management

Q: In your opinion, what is the ‘next big thing’ that was discussed at S4?

“It was very clear that regulation is the big thing coming. There will be more of it, as we are already seeing in Europe with NIS2, and this will serve to stimulate the OT security environment. We also talked a lot about managing vulnerabilities in industrial environments and in equipment in the best possible way, as this is a common challenge for the S4 community.”

 

Do you agree with our assessment of S4x24? We would love to hear more from you and get your opinion. 

Tell us more about your experience or if you would like to know where Omny is headed next.