Boards and management teams are increasingly concerned about the potential business impact of cyberattacks on their operational technology (OT) and industrial control systems (ICS), including costly production outages, safety and environmental incidents, and theft of sensitive intellectual property.
To help network defenders detect and respond faster to these attacks, MITRE recently released MITRE ATT&CK for ICS, a standard framework for understanding the diverse tactics that adversaries use to compromise and pivot through ICS networks.
Unlike MITRE’s ATT&CK for Enterprise framework, which was developed for corporate IT networks, ATT&CK for ICS focuses on adversaries whose primary goal is to compromise OT networks.
The IoT/OT Security Challenge
As digitalization and Industry 4.0 drive the deployment of billions of new IoT/OT devices — along with pervasive connectivity between IT and OT networks — they’re also increasing the attack surface by a factor of three times compared to just a few years ago.
These IoT devices don’t support agents and are often unpatched, unmanaged, and invisible to IT teams – making them soft targets for adversaries seeking to disrupt production facilities and/or gain access to corporate networks.
To make matters worse, most of the legacy OT devices and protocols deployed in ICS environments were developed decades ago and are insecure by design, lacking modern controls such as strong authentication, encryption, and hardened software stacks.
Led by Joe DiPietro, VP of Customer Success at CyberX, the webinar will cover the following topics:
- The 11 classes of tactics described in MITRE ATT&CK for ICS
- How to use the framework to improve your ICS security posture
- How real-world ICS attacks are detected by CyberX’s agentless IoT/OT security platform
About the Speaker
Joe DiPietro has more than 20 years of leadership and hands-on experience with enterprise security leaders including AlgoSec, IBM, Guardium, and Check Point Software. At AlgoSec, he established and led the company’s technical sales engineering function for the Americas and was later promoted to lead the function worldwide. At IBM, he was director of sales engineering and a IBM InfoSphere Data Governance Center of Excellence Leader. He previously led worldwide sales engineering for Guardium, which was acquired by IBM for $220 million. Prior to IBM, he was Check Point’s first sales engineer and later rose to the position of Director of Systems Engineering. Joe holds a master’s degree in Computer Science, a Master of Arts degree, and a bachelor’s degree in Mechanical Engineering.
To register for the webinar, or to receive a recording of the presentation, please visit: https://www.sans.org/webcasts/115010. (Note: you must create a free SANS account to register.)
Funded by Norwest Venture Partners, Qualcomm Ventures, and other leading venture firms, CyberX delivers the only cybersecurity platform built by blue-team experts with a track record of defending critical national infrastructure. That difference is the foundation for the most widely deployed platform for continuously reducing IoT risk and preventing costly outages, safety and environmental incidents, theft of intellectual property, and operational inefficiencies. For more information, visit CyberX.io or follow @CyberX_Labs.