Responding to OT and IoT Cybersecurity Incidents
In Chapter 7, Cybersecurity Operations, we covered incident response, BCP, and DRP in detail as related to IT. Although, at a high level, the processes will be the same, it’s important to acknowledge that there will be some unique differences in the handling of incidents related to OT and IoT. Here, we will briefly cover the importance of BCP and DRP for your OT and IoT environments, the need to ensure your CIRP considers OT and IoT technologies, and you are running OT/IoT tabletop exercise themes.
BCP and DRP
The BCP plan for your organization will not change, whether you have OT/IoT or not. However, you need to ensure that you are familiar with the broader BCP for the organization if you are overlooking an OT/IoT program. If there is a major cybersecurity incident with any of your OT/IoT infrastructure, the BCP plan will also need to be invoked. As a reminder, we covered BCP in detail in Chapter 7, Cybersecurity Operations...
