当前位置:首页 > 报告详情

研讨会 - 遏制危机倒计时 - 交互式 ICS_OT 网络危机演练.pdf

上传人: 可*** 编号:991847 2025-12-07 59页 3.58MB

1、Countdown to Containment!ICS IR WorkshopDean Parsons B.SC.,GICSP,GRID,CISSP,GSLC,GCIAPrincipal SANS InstructorICS515:ICS Visibility,Detection and ResponseICS418:ICS Security Essentials for Mangers(co-author)NOTES:Countdown to Containment!ICS IR Workshop4NOTE SECTION IN THE BACK OF YOUR HANDOUT!YOUR

2、ICS MISSION TODAY CHOOSE TO ACCEPT IS TO CAPTURE:TOP 3 THINGS TO IMPROVE YOUR ICS/OT IR PLANVALIDATE IF YOU HAVE CONTROL#3 FULLY DEPLOYEDVALIDATE IF YOU CAN OBTAIN MEMORY FROM KEY ICS ASSETSVALIDATE WHO IS RESPONSIBLE FOR ICS IR IN YOUR ORGCONSIDER EXECUTING AN ICS IR TABLETOP WITH THREAT-INFORMED E

3、NGINEERING SCENARIOSHAVE FUN AND ASK TONS OF QUESTIONS!PEOPLEPROCESSTECHNOLOGYPeople,Process,TechPEOPLEOperatorsField TechniciansICS/OT Security DefendersIT Security DefendersPEOPLE51%of respondents do not hold any ICS/OT-specific certifications,indicating a critical gap in dedicated ICS/OT cybersec

4、urity knowledge.So who is conducting ICS IR?_ AND the Engineers!PROCESSDHS warned in 2009 that“standard cyber incident remediation actions deployed in IT business systems may result in ineffective and even disastrous results when applied to ICS cyber incidents.”Yet,15 years later,nearly a third(28%)

5、of respondents still lack an ICS-specific incident response plan.PROCESSICS/OT Incident responseONLY 56%of organizations have a dedicated ICS/OT ICS IR PlanTOP ICS/OT ATTACK VECTORSPROCESS46%of ICS/OT compromised comes from IT support networks,allowing the threats into ICS/OT.PROCESSScenario?Targete

6、d Assets?Mapping to MITRE ATT&CK ICS?Incident ResponseTabletopScenario?!PROCESSACTIVE CYBERDEFENSE CYCLERepeatable ProcessICS/OT Trained DefendersApply to any ICS/OT environmentTECHNOLOGYLimited AI adoption in ICS/OTOnly 10%of respondents to the 2024 ICS/OT Cybersecurity Survey are currently using A

word格式文档无特别注明外均可编辑修改,预览文件经过压缩,下载原文更清晰!
三个皮匠报告文库所有资源均是客户上传分享,仅供网友学习交流,未经上传用户书面授权,请勿作商用。
根据《Countdown to Containment! ICS IR Workshop》的内容,以下是全文关键点的概括: 1. **ICS/OT 安全现状**:51% 的受访者没有持有任何ICS/OT专业认证,存在知识缺口。 2. **ICS/OT 事件响应计划**:只有 56% 的组织拥有专门的ICS/OT事件响应计划。 3. **攻击向量**:46% 的ICS/OT系统被攻击来自IT支持网络。 4. **技术采用**:仅 10% 的受访者使用AI进行ICS/OT安全策略。 5. **云技术**:26% 的受访者使用云技术于ICS/OT应用。 6. **ICS安全基础**:五项关键控制措施是ICS网络安全的基础。 7. **ICS事件响应桌面演练**:有助于提高检测与安全,验证事件响应准备情况。 8. **ICS IR 案例研究**:IT恶意软件影响ICS HMI的案例展示了事件响应的复杂性。 9. **ICS IR 资源**:提供免费资源以帮助组织建立和改进ICS/OT事件响应计划。
"ICS安全,你准备好了吗?" "如何打造坚不可摧的工业控制系统?" "揭秘ICS应急响应,你了解多少?"
客服
商务合作
小程序
服务号
折叠