Copy

View This Email In Your Browser

ICS Security: Friday News and Notes

2022 - Week 45

Eric Goldstein of CISA promotes in an article: machine readable security advisories using CSAF, VEX to "communicate whether a product is affected by a vulnerability and enable prioritized vulnerability response", and the SSVC decision tree to approach on what to patch when. Three worthwhile efforts. I'd quibble with his description of VEX, and more importantly that SSVC decision tree is terrible for OT. I recommend the ICS-Patch decision tree, which uses Exposure, whether the patch will change security posture, safety impact and process impact.
 

S4x23 Tickets 251 - 500 On Sale Now

Links

Unclassified Ads

Friday News & Notes Unclassified Ads. Here's how to reach the early adopters in OT & ICS Security.

Secure Your Software and Device Supply Chain. Finite State helps you automate and scale security and supply chain assessments. See how the industry’s most accurate SBOMs enable software transparency and actionable risk reduction within your critical OT environments.

Asset inventory & vulnerability management tailor-made for power grid OT: With built-in OT knowledge, ease of importing engineering files, and visualizations that are close to plant structure, OMICRON's IDS solution ensures understanding between OT engineers and IT officers.
 

Firewalls vs Unidirectional Gateways - We compare the effectiveness of these two network perimeter protection technologies, at the IT/OT interface. Download this digital guide to understand the difference and strengthen your cybersecurity program today.

Forwarded This Email and Want To Get It Every Friday?

Sign Up
Have a comment or question on Friday News & Notes. See some news or a story we should cover? Send an email to Dale, s4 @ digitalbond . com.
Twitter
Website
S4 Events YouTube Channel
LinkedIn
Copyright © 2022 Digital Bond, Inc. All rights reserved.

Learn More About S4 at: s4xevents.com

Learn More About Dale's Consulting or Hire Him To Speak at: dale-peterson.com

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.