book

IoT and OT Security Handbook

Name: IoT and OT Security Handbook
ISBN: 9781804619803

by Smita Jain, Vasantha Lakshmi

March 2023

Intermediate to advanced

172 pages

3h 36m

English

Packt Publishing

Read now

Unlock full access

IoT and OT Security Handbook
ForewordContributorsAbout the authorsAbout the reviewers
Preface
Who this book is forWhat this book coversTo get the most out of this bookDownload the color imagesConventions usedGet in touchShare Your ThoughtsDownload a free PDF copy of this book
Part 1: Understand the Challenges in IoT/OT Security and Common Attacks
Chapter 1: Addressing Cybersecurity in the Age of Industry 4.0
How is Industry 4.0 being leveraged?Understanding cybersecurity challenges in the age of Industry 4.0Enumerating the factors influencing IoT/OT securityHow to overcome security challengesSummary
Chapter 2: Delving into Network Segmentation-Based Reference Architecture – the Purdue Model
Zero-trust architectureNetwork segmentation in the IoT/OT environmentUnderstanding the layers of the Purdue modelHow layers disrupt security when not managed wellData diodesData diodes in action in OT/IoTSummary
Chapter 3: Common Attacks on IoT/OT Environments
Why do we see frequent attacks on the OT/IoT environment?Diminishing airgapThe legacy of OT assetsWho performs attacks on OT/IoT systems and how and why do they do it?Famous OT attacksThe Triton attackOldsmar cyberattack on the US water systemThe Colonial Pipeline cyberattackThe Ukraine electric grid attackHow do these attacks impact businesses and humans?Summary
Part 2: How Microsoft Defender for IoT Can Address the Open Challenges in the Connected World We Live in Today
Chapter 4: What Is Microsoft Defender for IoT?
The IoT and OT environmentsThe role of asset inventoryRisk and vulnerability managementContinuous threat monitoringOperational efficiencyMDIoT benefitsZero impact on network performanceQuick deploymentAdvanced threat detectionSummary
Chapter 5: How Does Microsoft Defender for IoT Fit into Your OT/IoT Environment/Architecture?
The topology of network architectureThe most common network topologies in OT/IoT networksA multilayer, multitenant networkDiverse ways of traffic mirroring for OT monitoringSPANActive and passive aggregationHow the Purdue model is applied to MDIoTSensor placement considerationsOT sensor cloud connection methodsAzure proxyProxy chainingConnecting directlyMulti-cloud connectionsSummary
Chapter 6: How Do the Microsoft Defender for IoT Features Help in Addressing Open Challenges?
Missing asset inventory for IoT/OT devicesRisk and vulnerability managementContinuous IoT/OT threat monitoring, incident response, and threat intelligenceThe installation of the MDIoT serviceSummary

Part 3: Best Practices to Achieve Continuous Monitoring, Vulnerability Management, Threat Monitoring and Hunting, and to Align the Business Model Toward Zero Trust
Chapter 7: Asset Inventory
The device inventory in an on-premises console or the sensor console and the Azure portalThe sensor consoleAn on-premises consoleMDIoT in the Azure portalAsset visibility – IoT/OT and identifying the crown jewelsImportant devices – generating attack vectors and risk assessment reportsSummary
Chapter 8: Continuous Monitoring
The protocol violation detection engineThe policy violation detection engineThe industrial malware detection engineThe anomaly detection engineThe operational engineSummary
Chapter 9: Vulnerability Management and Threat Monitoring
Risk assessmentSummary
Chapter 10: Zero Trust Architecture and the NIST Cybersecurity Framework
How MDIoT helps in implementing the NIST Cybersecurity FrameworkHow MDIoT helps in ZTA implementations in an OT environmentVisibilityProtectionContinuous monitoringValidating ZTA with attack vectorsSummary
Index
Why subscribe?
Other Books You May EnjoyPackt is searching for authors like youShare Your ThoughtsDownload a free PDF copy of this book

Overview

Learn how to navigate the complex world of IoT and OT security with clear, actionable advice in the "IoT and OT Security Handbook." This book covers the essentials of understanding and resolving key cybersecurity challenges and dives deep into using Microsoft Defender for IoT to secure devices effectively.

What this Book will help me do

Understand cybersecurity challenges in IoT/OT environments and their implications.
Master the principles of deploying and utilizing Microsoft Defender for IoT.
Become proficient in threat monitoring and vulnerability management techniques.
Learn how to implement a zero trust architecture for IoT and OT security.
Gain skills in assessing risks and establishing continuous monitoring frameworks.

Author(s)

Smita Jain and Vasantha Lakshmi are experts in the IoT and cybersecurity spaces. With years of experience developing secure systems and advising on industrial transformation, they combine theoretical insights with practical frameworks. Their writing reflects a passion for educating professionals by breaking complex topics into accessible concepts.

Who is it for?

This handbook is perfect for IT security professionals, industrial security experts, and IoT engineers with foundational cybersecurity knowledge aiming to deepen their skills. Whether you're a penetration tester, a security architect, or someone responsible for protecting IoT/OT systems, this book is designed for you. It assumes familiarity with basic IT security concepts and provides concrete steps to advance your expertise, empowering you to build secure and robust IoT and OT systems.

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Industrial Network Security, 3rd Edition

Publisher Resources

ISBN: 9781804619803

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills