This blog is a summary of Dragos’ whitepaper, The Real Risk to ICS Environments: Using Threat Intelligence to Improve Compliance and Risk Management, written by Thomas Pope and Selena Larson.
Cyber threats to industrial control systems (ICS) are much different than what is theorized or targeted by compliance efforts that aim to secure critical infrastructure. Developing a list of vital security protection measures is valuable and important for securing ICS networks, but not all threats can be described nor addressed with a check box.
This risk to ICS is growing, led by threats to life and physical environments as demonstrated by the destructive TRISIS malware targeting safety instrumented systems (SIS) at an oil and gas facility. But the risk is largely unmanaged due to a lack of visibility into current threats, a constantly-changing threat landscape, and an increasing number of adversaries using different methods targeting this space.
Defense against these new threats and evolving methods is not fully addressed in compliance, as the requirements mostly address the bare minimum of security. As the number and scale of ICS attacks increase, companies need to re-evaluate how they treat risks to their environments outside of natural events and diversify security postures.
This is where ICS technology that is powered by threat intelligence – knowledge about adversaries based on evidence collected and analyzed by ICS intelligence experts – can greatly benefit a company. ICS-specific threat intelligence provides real-world evidence of incidents and context to detected threats or incidents. The information can be characterized into behavior-based threat analytics to rapidly detect adversary activity and can be incorporated into vertical-specific data for security and risk programs.
By leveraging ICS technology codified by unique threat intelligence, industrial organizations can better defend, in a targeted manner, against the growing threat landscape, more fully flesh out their risk profiles, and meet compliance mandates.
10 Steps to Reducing Risks in Your ICS with Dragos’ Intelligence-Driven Technology
To learn more about how to better secure your critical infrastructure and meet compliance standards, read The Real Risk to ICS Environments: Using Threat Intelligence to Improve Compliance and Risk Management.
To request a demo of the Dragos Platform or a free 30-day trial of Dragos WorldView, please email firstname.lastname@example.org.