Fine-Tuning ICS Threat Models to Prioritize Mitigations of the Most Vulnerable Devices
- LANGUAGE: English DATE: Thursday, June 13, 2019 TIME: 4:00pm CEST, 10:00am EDT, 7:00am PDT
When discussing the matters of industrial cybersecurity with IT experts, lamenting the historical divide between OT and IT seems to be a popular topic: you would often hear that the OT engineers are stubbornly ignoring the latest cyberthreats and do not see security as a priority in general.
Of course, this cannot be further from the truth: ensuring security and safety of industrial control systems has always been the most important job for OT experts. However, after decades of dealing with unique technologies and regulations and with a traditionally strong focus on human and process safety, securing IT assets was by far not their top priority.
As industrial networks are becoming increasingly complex, geographically dispersed and interconnected, however, both impact and probability of numerous cybersecurity risks are growing, and the biggest challenge for CISOs nowadays is no longer how to persuade OT people to take notice, but how to evaluate a vast number of potential threats and to prioritize the actions needed to protect their networks.
In this KuppingerCole webinar, we are talking about the following topics:
- Understanding the current state of ICS threat landscape;
- Identifying your key OT assets and systems, as well as their vulnerabilities;
- Designing a threat model that considers both the CIA defense strategy and the levels of attacker capabilities;
- Using risk scores to prioritize threat mitigation actions and controls.
In the first part of the webinar, Alexei Balaganski, Lead Analyst at KuppingerCole, will provide an overview of the current state of the industrial network threats and risks. He will talk about the challenges CISOs are facing when balancing risk controls with budget, time and expertise constraints.
In the second part, Ilan Barda, CEO of Radiflow, will present a threat detection model that considers both the CIA defense strategy and the levels of attacker capabilities and demonstrate how it helps CISOs select and prioritize the actions needed to protect the network.
Radiflow is a leading provider of cyber security solutions for critical industrial automation networks (i.e. ICS/SCADA), including power utilities, water facilities, chemical plants and more.
Radiflow’s security tool-set validates the behavior of both M2M applications and H2M (Human to Machine) sessions in distributed operational networks. Radiflow’s security solutions are available both as in-line gateways for remote sites and as a non-intrusive IDS (Intrusion Detection System) that can be deployed per site or centrally.
Radiflow was founded in 2009 as part of the RAD group, a family of ICT vendors with over $1Bn annual revenues. Radiflow solutions were launched at the end of 2011, validated by leading research labs and successfully deployed by major utilities worldwide.
Radiflow solutions are sold as either integrated into wider end-to-end solution of global automation vendors or as a standalone security solution by local channel partners.
At some point, any business connected to the internet is likely to become a victim of a ransomware because they are relatively easy and inexpensive to carry out, but potentially yield large payouts for cybercriminals. The best way of tackling this threat is to know how to break the attack chain.