Saturday, July 15, 2017

ICS CERT Releases 2016 Assessment Summary Report

ICS-CERT conducted 130 assessments in the fiscal year 2016, which is more than in any previous year. Monitor newsletters published by ICS-CERT this year show that it has already conducted 74 assessments in the first half of 2017.
Similar to the previous two years, inadequate boundary protection remained the most common flaw – 94 discoveries representing more than 13 percent of all weaknesses identified during assessments. Boundary protection issues can result in failure to detect unauthorized activity in critical systems, and an increased risk to control systems due to the lack of proper separation from the enterprise network.
This may sound like a simple to avoid issue, but business demands and security demands often conflict and if you aren't very careful it's easy to breach your boundaries without realizing it.  (Or whoever is in charge just doesn't care, or the system was installed before control system security became a big deal and people don't want to mess with what's working. )
Post a Comment

Hey everybody let's be nation state hackers

Apparently Mitre is cross referencing attack data , collected on the ATT&CK platform ,  with open source intel (OSINT) to create playbo...