Skip to content

Investigations: The Missing Link in OT Security and Bill C-8 Compliance


Course

Grant Smith of Netscout explains why packet-level visibility is the missing link between OT threat detection and Bill C-8 compliance, and how continuous full packet capture enables faster investigation and evidence-backed regulatory reporting.

Detection tools light up dashboards with alerts - but alerts are not evidence, and evidence is what Bill C-8 compliance now demands. Canada's critical infrastructure operators have 72 hours from awareness of a cyber incident to investigate, reconstruct and report it to regulators. That clock does not start when containment begins; it starts the moment the organization becomes aware. For most OT teams still relying on logs, netflow and agent-based tools, that window is already closing before the investigation has started.

This session, led by Grant Smith of Netscout, will cover:

  • Why alerts without packet-level context create alert fatigue and miss the root cause of OT incidents;
  • How continuous full packet capture creates tamper-proof, timeline-accurate forensic evidence that log data and netflow cannot provide;
  • What a compliant Bill C-8 incident response looks like - from hour zero awareness through to evidence-backed regulatory reporting within 72 hours.
 

 

Here is the course outline:

Investigations: The Missing Link in OT Security and Bill C-8 Compliance

Completion

The following certificates are awarded when the course is completed:

CPE Credit Certificate