Grant Smith of Netscout explains why packet-level visibility is the missing link between OT threat detection and Bill C-8 compliance, and how continuous full packet capture enables faster investigation and evidence-backed regulatory reporting.
Detection tools light up dashboards with alerts - but alerts are not evidence, and evidence is what Bill C-8 compliance now demands. Canada's critical infrastructure operators have 72 hours from awareness of a cyber incident to investigate, reconstruct and report it to regulators. That clock does not start when containment begins; it starts the moment the organization becomes aware. For most OT teams still relying on logs, netflow and agent-based tools, that window is already closing before the investigation has started.
This session, led by Grant Smith of Netscout, will cover:
- Why alerts without packet-level context create alert fatigue and miss the root cause of OT incidents;
- How continuous full packet capture creates tamper-proof, timeline-accurate forensic evidence that log data and netflow cannot provide;
- What a compliant Bill C-8 incident response looks like - from hour zero awareness through to evidence-backed regulatory reporting within 72 hours.
Here is the course outline:
Investigations: The Missing Link in OT Security and Bill C-8 Compliance |
Completion
The following certificates are awarded when the course is completed:
![]() |
CPE Credit Certificate |
