Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Evaluating ICS Vulnerabilities - Prioritization and Mitigation Strategies

Dragos: ICS Cybersecurity via YouTube

Overview

Explore the critical aspects of Industrial Control Systems (ICS) vulnerabilities in this 24-minute conference talk from the DISC-SANS ICS Virtual Conference. Delve into the 2019 vulnerability year in review report with Katherine Vajda, Dragos Senior Intelligence and Vulnerability Analyst. Gain insights on processes and drivers for prioritizing and understanding vulnerability risks within ICS environments. Learn how to maximize return on investment for mitigation efforts. Examine key findings, the Purdue Model, and Dragos' approach to vulnerability assessment. Understand the importance of answering crucial questions about vulnerabilities, prioritization techniques, and the Dragos Threat Score. Analyze specific examples involving Rockwell Automation and General Electric products. Explore patching, mitigation strategies, risk-based approaches, and monitoring techniques. Conclude with valuable recommendations for vendors and ICS-CERT to enhance overall ICS cybersecurity.

Syllabus

Intro
Key Findings
Goofy Venn Diagram
Purdue Model Example
Dragos Process
Dragos Sources
Answer the Three Questions
Do we understand the vulnerability?
Prioritization
Dragos Threat Score
Rockwell Automation Connected Components Workbench
General Electric Communicator
Patching
Mitigation
Risk-Based Approach
Monitoring
Recommendations for Vendors and ICS-CERT

Taught by

Dragos: ICS Cybersecurity

Reviews

Start your review of Evaluating ICS Vulnerabilities - Prioritization and Mitigation Strategies

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.