FREE GRC Workshop

LEARN MORE

Recommended Event: Convene: Boston | Cybersecurity & Human Risk Conference Aug 13 - 14, 2026

From Exposure to AI-Driven OT/IoT Resilience

Solution Category IoT Security
Type Webinar
Organization Nozomi Networks

Webinar Description

Key Takeaways

  • Webinar examining real-world attack patterns targeting operational technology environments across ASEAN critical infrastructure
  • Joint presentation from Google Cloud Mandiant and Nozomi Networks covering red team findings and defensive strategies
  • Focus on IT/OT boundary vulnerabilities, asset intelligence and continuous monitoring approaches
  • Relevant for security professionals responsible for industrial control systems, critical infrastructure and IoT environments in the Asia-Pacific region

Introduction

Industrial control systems and operational technology environments have become increasingly attractive targets for sophisticated threat actors, particularly across the Asia-Pacific region where rapid digitalisation of critical infrastructure has expanded attack surfaces. This webinar, scheduled for 30 July 2026, brings together incident response specialists from Google Cloud Mandiant and industrial cybersecurity experts from Nozomi Networks to examine how attackers compromise OT environments and what defenders can do to improve resilience.

The session addresses a fundamental challenge facing industrial organisations: translating findings from point-in-time security assessments into sustainable, continuous defence capabilities. As IT and OT networks become more interconnected, the traditional air-gap assumptions that once protected industrial systems no longer hold, making this discussion particularly timely for organisations operating critical infrastructure.

About This Event

This virtual event draws on frontline experience from OT incident response engagements and red team exercises conducted by Mandiant, Google Cloud’s threat intelligence and incident response division. The presentation will be delivered jointly with Nozomi Networks, a specialist in OT and IoT security monitoring solutions. The webinar is scheduled to accommodate audiences across multiple Asia-Pacific time zones, reflecting the regional focus of the threat landscape discussion.

Attack Patterns Targeting ASEAN Critical Infrastructure

A central component of the session involves examination of real-world attack patterns observed across critical infrastructure sectors in the ASEAN region. Mandiant’s red team engagements provide a controlled adversarial perspective on how attackers identify initial access vectors, establish persistence and navigate from enterprise IT networks into operational technology environments.

The distinction between IT and OT security is significant. While enterprise networks typically prioritise data confidentiality, operational technology environments must balance security with safety and availability requirements. Attackers who understand these constraints can exploit the gaps that emerge at IT/OT boundaries, where visibility often diminishes and security controls may be less mature. The webinar will detail common architectural weaknesses identified through these engagements, offering defenders insight into where their own environments may be vulnerable.

Transitioning from Assessment to Continuous Defence

One of the persistent challenges in OT security is the gap between identifying vulnerabilities during periodic assessments and maintaining ongoing defensive capabilities. Red team exercises and penetration tests produce valuable findings, but organisations often struggle to operationalise these insights into sustained improvements.

The presenters will address how organisations can build continuous monitoring and defence strategies using several interconnected capabilities. Asset intelligence forms the foundation, as defenders cannot protect systems they do not know exist. Many industrial environments contain legacy devices, undocumented connections and shadow OT assets that evade traditional IT asset management approaches. Network visibility extends this foundation by providing insight into communications patterns, protocol usage and anomalous traffic that may indicate compromise or misconfiguration.

Threat detection in OT environments requires understanding of industrial protocols and normal operational behaviour. Unlike IT networks where signature-based detection remains effective for known threats, OT environments benefit from behavioural analysis that can identify deviations from established baselines. Risk-based prioritisation helps security teams focus limited resources on the vulnerabilities and threats most likely to result in operational impact, safety incidents or regulatory consequences.

Accelerating Investigation and Response

The session will also explore how security teams can improve investigation efficiency when incidents occur. Operational technology environments generate substantial telemetry, but transforming this data into actionable intelligence requires contextual analysis that accounts for the specific characteristics of industrial processes.

Natural-language exploration capabilities represent an emerging approach to making OT security data more accessible to analysts who may not possess deep industrial control system expertise. By enabling investigators to query operational data using conversational interfaces, organisations can potentially reduce the time required to understand incident scope and determine appropriate response actions.

Industry Context

The focus on APAC and ASEAN critical infrastructure reflects broader geopolitical and economic factors driving increased threat activity in the region. Rapid industrialisation, significant investment in smart city initiatives and the strategic importance of energy, manufacturing and transportation sectors have made the region a priority target for both state-sponsored and financially motivated threat actors.

Regulatory frameworks governing critical infrastructure protection continue to mature across the region, with several jurisdictions implementing or strengthening requirements for OT security monitoring, incident reporting and supply chain risk management. Organisations operating in these environments face pressure to demonstrate security capabilities that extend beyond traditional IT controls into operational technology domains.

Who Should Attend

This webinar is designed for security professionals with responsibility for industrial control systems, critical infrastructure protection or converged IT/OT environments. Roles likely to benefit include OT security managers, industrial cybersecurity engineers, security operations centre analysts supporting industrial environments, and risk managers overseeing critical infrastructure portfolios. The content assumes familiarity with fundamental cybersecurity concepts but will provide context for OT-specific considerations that may be less familiar to IT-focused practitioners.