Conor Aitken
Cybersecurity professional who specialises on Threat Intelligence, Detection Engineering, and Security Operations Design, focusing on Operational Technology (OT) and Industrial Automation and Control Systems (IACS) networks. I'm passionate about empowering and educating the next generation of cybersecurity professionals.
Session
Operational Technology (OT) networks are some of the hardest environments to secure. Legacy systems, fragile infrastructure, and limited monitoring often leave defenders blind to attacker movement. But where visibility fails, deception can step in. This talk explores the use of honeypots as active defence tools in OT environments - traps designs not only to detect adversaries but to misdirect, delay, and expose their tactics.
Through real-world case studies we will examine when and where honeypots make sense in OT, including:
1. Environments where traditional SIEM/NIDS cannot reach.
2. High-risk legacy networks that can't be patched or modified.
3. Situations requiring early threat detection, attacker behaviour mapping, and validation of security controls.
Through this presentation you will gain practical insights into honeypot design and deployment - from low-interaction perimeter sensors, to high-interaction internal systems - alongside lessons learned about maintenance, alerting and avoiding detection by modern adversaries.