Any SOC Analysts who can shed some light on Experiences in Information Security compared to Operational Security?


I think you are getting the answers you need, but to save yourself grief in the future, keep in mind that Operational Security (OPSEC) != Operational Technology (OT) Security and Information Security (INFOSEC) != Information Technology (IT) Security. There are relations of course, and a great deal of overlap in some cases, but depending on the audience things could get confusing.

OT is fun. I would look at it as a specialization. Severity of things tends to be higher, as the impact of an issue tends to have greater consequences. The systems are typically not built at all with security in mind; the protocols used are either highly proprietary or so flexible when it comes to implementation that they may as well be. Sensor placement and mitigation actions are not as straightforward. Expect "legacy" systems and the inability to update them. Explore alternatives to patching.

