Part 2 of an ongoing collaboration between General Electric and Dragos.
Methods for conceptualizing and leveraging knowledge of the threats against ICS to position your business to appropriately prioritize security innovations.
When considering threats to Industrial Control Systems (ICS), it is important to note that the “threat” is the human adversary. It is a mistake to simply focus on studying malware or patching vulnerabilities because many attacks can be done with native features and functionality already present in industrial networks. This whitepaper, 2nd in a 3-part series, focuses on articulating how to cost-effectively understand threats against industrial systems and drives the point that security should be adapted based on connectivity requirements from the business and the threats to the processes, rather than published vulnerabilities and exposures.