Connect with us

Hi, what are you looking for?



RSA Conference 2023 – ICS/OT Cybersecurity Roundup

SecurityWeek is providing a summary of ICS/OT cybersecurity announcements made at RSA Conference 2023, including talks, products, and new initiatives.

RSA Conference ICS OT cybersecurity

Hundreds of companies showcased their products and services this week at the 2023 edition of the RSA Conference in San Francisco, including companies providing ICS and other OT cybersecurity solutions.

Over the past days, SecurityWeek published daily digests summarizing some of the announcements made by vendors.

RSA Conference 2023 – Announcements Summary (Day 1)

RSA Conference 2023 – Announcements Summary (Day 2)

RSA Conference 2023 – Announcements Summary (Day 3)

The final roundup for the 2023 RSA Conference focuses on the industrial cybersecurity-related announcements, as well as some of the sessions.

On the first day of the RSA Conference, several cybersecurity companies specializing in ICS/OT announced teaming up to create ETHOS (Emerging THreat Open Sharing), a vendor-agnostic, open source information sharing platform that is designed to serve as an early warning system for critical infrastructure.

Advertisement. Scroll to continue reading.

ETHOS is a technology platform for sharing threat information anonymously and in real time across various industries. The shared information includes indicators of compromise (IoCs) such as IP addresses, hashes, and domains, which can be useful to defenders for detecting new threats. 

Also on the first day, industrial cybersecurity firm TXOne Networks announced a new portable device designed for OT risk assessments and asset management, helping organizations streamline their auditing process. 

The new product, called Portable Inspector, is a USB drive storing TXOne scanning software. It does not require the installation of any software on analyzed systems. The device is connected to a system and scans it for malware, while also collecting asset data such as Windows update status, computer information, and application lists.

An LED indicator on the USB drive shows whether malware was detected on the system — the LED is blue if no malware was detected, green if malware was detected and cleaned, and red if malware was detected but further action is required. 

Portable Inspector uses TXOne Networks’ new ElementOne management console to provide organizations with detailed asset security overviews.

MITRE announced an OT plugin for the Caldera automated adversary emulation platform, which allows security teams to run exercises that are tailored to operational technology. Organizations can use it to evaluate their cyber defenses against known OT adversaries.

MITRE Caldera for OT provides plugins for blue or red team training, as well as product testing and evaluation. 

Related: Innovation Sandbox: Cybersecurity Investors Pivot to Safeguarding AI Training Models

A new product was also announced by Xage Security, which provides a zero trust security platform for Industrial Internet of Things (IIoT) systems. 

Xage unveiled a new identity and access management (IAM) solution for OT and ICS environments. Xage Multi-layer Identity and Access Management, which complements the company’s other authentication solutions, allows organizations to orchestrate multiple identity providers and AD domains, restrict asset visibility, and enable new authentication methods for users. 

ICS/OT sessions at RSA Conference 2023

The talks related to ICS/OT are available on demand to those who have registered for the RSA Conference.

On the first day, Robert Lee, CEO and co-founder of Dragos, presented a summary of the industrial cybersecurity firm’s latest annual threat landscape report, with some updates since the report was initially published in February. 

Also from Dragos, Chuck Weissenborn had a talk describing a national critical infrastructure cyber incident response plan.

Ulrich Lang and Jason Kramer of ObjectSecurity, which specializes in securing OT/ICS assets and mitigating supply chain risk, described a CWE associated with malicious AI training, and explained the use of automated AI/ML model source code analysis and stopping adversarial AI attacks.

Learn More at SecurityWeek’s ICS Cyber Security Conference
The leading global conference series for Operations, Control Systems and OT/IT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.
ICS Cybersecurity Conference
October 23-26, 2023 | Atlanta

Bill Malik of Trend Micro had a talk on detecting and reacting to supply chain vulnerabilities from a maritime perspective, describing the issues that pose a significant risk to the port and shipping industry. 

Dan Gunter of Insane Forensics and Gabe Weaver from the Idaho National Laboratory had a session on improving OT network and host baselines to secure critical infrastructure. The experts suggested using micro-baselines, which are signatures within operational networks based on observables associated with specific events.

Related: Counting ICS Vulnerabilities: Examining Variations in Numbers Reported by Security Firms

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...


Wago has patched critical vulnerabilities that can allow hackers to take complete control of its programmable logic controllers (PLCs).


Cybersecurity firm Forescout shows how various ICS vulnerabilities can be chained for an exploit that allows hackers to cause damage to a bridge.


More than 1,300 ICS vulnerabilities were discovered in 2022, including nearly 1,000 that have a high or critical severity rating.


Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.

Cybersecurity Funding

Internet of Things (IoT) and Industrial IoT security provider Shield-IoT this week announced that it has closed a $7.4 million Series A funding round,...


Siemens and Schneider Electric address nearly 100 vulnerabilities across several of their products with their February 2023 Patch Tuesday advisories.