Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

5 Considerations for ICS Incident Response

Dragos: ICS Cybersecurity via YouTube

Overview

Explore a comprehensive webinar on Industrial Control Systems (ICS) incident response, led by Kai Thomsen, head of Dragos's International ICS threat hunting efforts. Delve into five crucial recommendations for ensuring successful, timely, and efficient incident response, ultimately leading to a safe return to stable operations. Gain insights on preparing for IR events, assigning decision-making responsibilities, determining when to shut down operations, identifying root causes, and engaging an IR team. Learn about the Incident Command System, ICS Cyber Kill Chain considerations, escalation factors, and defining thresholds for unacceptable risk. Understand the importance of knowing your adversary, focusing on relevant activity groups, identifying techniques, and assessing your detection capabilities to enhance your organization's ICS cybersecurity posture.

Syllabus

Intro
Preparing for an ICS IR Event
Know Your Adversary - Focus on Relevant Activity Groups
Identify Techniques
Understand your Detection Capabilities
Considerations for ICS IR Preparation
Assigning IA Decision Making Responsibility
The Incident Command System
ICS IR Decision Making Considerations
Determining When Shutdown of Operations is justified
ICS Cyber Kill Chain Considerations
Escalation Factors
Define Thresholds for Un-Jacceptable Risk
Getting to Root Cause
RCA Considerations

Taught by

Dragos: ICS Cybersecurity

Reviews

Start your review of 5 Considerations for ICS Incident Response

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.