In this post I will discuss risk evaluation of attack vectors and applying Radiflow’s cyber risk evaluation model, which is now incorporated into Radiflow’s iSID Industrial Threat Detection System.
In general, OT networks have very high availability requirements. This makes asset patching a very complicated task, whether the patching is done for operational or cybersecurity purposes.
Therefore, prioritization of patching tasks is crucial for maintaining a strong and relevant cybersecurity posture. This calls for a risk model that takes into account parameters relevant to the organization.
Radiflow’s risk model includes several characteristics and algorithms. This post will focus on the effects of the cyber-attacker’s capabilities and their potential lateral movement within the ICS network.
In a recent whitepaper, we explored and analyzed the different attacker capabilities, based on published cyber-incidents as well as data acquired during various Radiflow assessments. The whitepaper classified attackers’ capabilities using over ten properties. In this post, I’ll use a three-level categorization of attacker skills…
Read the full Security Brief: Automatic Risk Evaluation of Cyber-Attack Vectors
Request a demo to learn more about how iSID could help your business
[inject id=’code-47fd23f73a9caecab1e206306adae7f9′]
Harmonizing risk and consequence strategies across IT and OT environments for greater cyber resilience
Strengthening OT Resilience: Protecting Critical Systems in a Rapidly Evolving Threat Environment
Quarterly ICS Security Report 2024 Q3