MITRE ATT&CK for ICS is a community-sourced framework for identifying malicious threat behaviors, specifically adversary tactics and techniques, in industrial control systems (ICS). When industrial cybersecurity defenders and tools map their detection mechanisms to MITRE ATT&CK for ICS, they can anticipate and counter ICS threats more efficiently and consistently.
Dragos significantly contributed to this community-supported knowledge base with findings from our technology customers and insights from our services and intelligence efforts. Dragos maps its technology and services to MITRE ATT&CK for ICS and is the first ICS cybersecurity vendor to fully integrate MITRE ATT&CK for ICS into its platform.
This paper offers information on why and how MITRE ATT&CK for ICS was developed and what ICS/OT (operational technology) cybersecurity practitioners can do to get the most out of this framework.