This blog is a recap of the 2018 ICS Year in Review webinar hosted on April 24th.
Dragos Threat Operations Center VP Ben Miller and Principal Threat Analyst Mark Stacey discuss the 2018 Year in Review report: Lessons Learned From Threat Hunting and Responding in Industrial Environments.
Webinar Key Takeaways
- Cyber is guilty until proven innocent
- Applying specific IT solutions laterally to ICS networks will not result in a defensible organization
- Attackers have already reached IT/OT convergence
- When considering improvements to ICS security, everything can be within scope
- Successful incident response requires a thought-out approach and planning (keeping in mind, not all challenges are technical)
- Consistent monitoring for adversary behavior across ingress, egress, and lateral traffic remains the single best strategic and tactical action organizations can take
The full webinar can be viewed here:
The slide presentation can be viewed here:
To download the Year in Review reports, discussing ICS vulnerabilities, activity groups, threat hunting and IR observations, and executive insights for building an ICS security strategy, go here: https://www.dragos.com/year-in-review/