⏳ (15 minutes)

Quicklink to Lab Activity

Assessment Methodology from OT Segmentation Workshop slides

Walk the Floor (Initial Assessment)

Cinderbay Team

Maya - OT Engineer

Raj - OT Cybersecurity Manager

Paul - Firewall Administrator

Elena - Security Analyst

Scene: Raj calls a meeting with the OT engineering team and his firewall administrator to discuss an upcoming network segmentation project. His colleague in another town just suffered a major ransomware incident and Raj wants to make sure that does not happen at Cinderbay Water & Power

He turns to Maya and asks: “We know we need to implement some firewalls to protect us against IT intrusions, but how do we make sure we don’t break production?”

Maya rolls a chair over to a whiteboard map. She draws six arrows she knows the plant needs every day:

1. EngWS → PLC-A (Modbus/TCP 502) for controlled writes when maintenance is scheduled.
2. Safety-1 → OPC UA server (4840)
3. Safety-1 → PLC-A (Modbus/TCP 502) to reset trips
4. HMI → PLC-A for safe water filtration operations.
5. Historian → OPC UA server (4840) to read process values.
6. Jump host → EngWS (SSH 22) for break-glass support.