Now Available:

The 2023 OT Cybersecurity Report is here – your blueprint to OT cyber resilience.

Skip to main content

Using a Collection Management Framework for ICS Security Operations and Incident Response

A collection management framework (CMF) is an essential way to extend the value of an asset inventory to make it more useful for use-cases in security operations and incident response. A CMF helps analysts understand not only what they have, but what data is available from their assets, how long they store it, and what they can do with that data. Pre-made investigation playbooks pared with an understanding of the threat and what your collection is a core way to have a repeatable and scalable approach to monitoring your industrial networks for threats and responding to them efficiently.

This webinar outlines how to build a CMF and shows examples of how to use it. Examples educate attendees on incident response, threat hunting, and security operations use-cases in the industrial control system (ICS).

Discover More Resources Using Keyword Tags
Frontline Perspective

Never miss the latest ICS news and insights from our experts.


View the next webinar


2017 Year in Review: Threats and Activity Groups


View Webinar
Right Arrow

View more webinars

Right Arrow

Ready to put your insights into action?

Take the next steps and contact our team today.