You are here

Compliance Does Not Mean Secure – Using ICS Threat Intelligence to Go Beyond the Basics

Compliance Does Not Mean Secure – Using ICS Threat Intelligence to Go Beyond the Basics

Created: Thursday, July 11, 2019 - 10:29
Categories:
Cybersecurity, General Security and Resilience, Security Preparedness

Meeting compliance requirements does provide a basic level of security, but for a comprehensive ICS risk management strategy, it is prudent to apply ICS-specific threat intelligence to go beyond the basics. ICS cybersecurity firm Dragos, Inc. stresses as the number of adversaries and ICS attacks increase, companies will greatly benefit from using real-life scenarios such as the CRASHOVERRIDE and TRISIS incidents to implement better defenses. As such, Dragos released a new whitepaper, The Real Risk to ICS Environments Using Threat Intelligence to Improve Compliance and Risk Management. The report defines “threat intelligence” and explores misconceptions about the severity of specific ICS threats, including seven lessons on how ICS threats manifest themselves in real events. The report also includes practical advice for operators to apply threat intelligence to reduce risks to their systems and stop real-world attacks. Read the whitepaper at Dragos