Best Practices for Minimizing OT Threats | Security Management

What can companies do to minimize the likelihood of a high-consequence attack? And why do so many programs fail to achieve that goal even after spending considerable resources? Armexa VP John Cusimano answers these questions in an article in Security Management.

“The answer to these questions comes down to a failure of the company to identify the realistic threat vectors (a.k.a., attack pathways) into their critical systems.”

Oftentimes, people assume that cyber threats are going to originate in the IT environment and propagate into the OT environment. That is certainly a common and likely pathway, but it is far from the only one. A lot can be learned by studying prior incidents, identifying the threat actors, and mapping out the attack vectors they used. Tools such as the MITRE ATT&CK and ICS ATT&CK frameworks can be helpful in mapping the attack pathways.

Additionally, methodologies such as Cyber HAZOP and Cyber Bowtie, both derived from safety engineering methodologies, are used to study and document cyber threats, vulnerabilities, and consequences, as well as pinpoint the most effective measures that can be taken to prevent and mitigate cyber incidents.

Read the full article at Security Management: Best Practices for Minimizing OT Threats
