Play all

Intro

What is MITRE?

Announcing ATT&CK for ICS

What is Dragos?

Agenda

What is ATT&CK?

Breaking Down ATT&CK

Motivation for ATT&CK for ICS

ATT&CK for ICS Technique Matrix

Process of Mapping to ATT&CK

Find the Behavior

Research the Behavior

Translate the Behavior into a Tactic

Figure Out What Technique Applies

Threat Intel Mapping

Assessing Coverage

Identify Adversary Methodology

ICS Access

Intrusion, Recon, & Control

Attack Delivery & Execution

ICS-Specific Impacts

Mapping ICS Threats to ATT&CK

Typical Defense Development

Alternative: Identify 'Weird'

Problem: No Context

Identifying Threat Behaviors

ATT&CK and Threat Behaviors

Complete Threat Detection

Continuous Development

Community Engagement

Continued Adversary Evolution

Mapping ATT&CK to ICS Threats

References & Resources

Description:

Explore the MITRE ATT&CK framework for Industrial Control Systems (ICS) in this 45-minute webinar. Gain insights into how ICS network defenders can leverage a common lexicon for categorizing ICS-specific techniques and threat behaviors to enhance threat detection and response capabilities. Delve into the structure of ATT&CK, its application in ICS environments, and the process of mapping behaviors to tactics and techniques. Learn about threat intelligence mapping, assessing coverage, and identifying adversary methodologies across various ICS attack stages. Discover how to develop comprehensive threat detection strategies, engage with the community, and stay ahead of evolving adversary tactics in the ICS cybersecurity landscape.

MITRE ATT&CK for ICS: Improving Threat Detection and Response in Industrial Control Systems

Dragos: ICS Cybersecurity

Add to list

#Engineering #Manufacturing #Industrial Automation #Industrial Control Systems #Information Security (InfoSec) #Cybersecurity #Threat Intelligence #Threat Detection #MITRE ATT&CK

0:00 / 0:00