Cybersecurity Tactics to Reduce ICS Software Supply Chain Risk | SPONSORED
Supply chain attacks like the recent SolarWinds hack are now front-page news, and cybersecurity steps must be taken to reduce the risk these attacks pose to critical systems. A platform that enables end users to manage the security of their ICS/OT endpoints down to vulnerabilities in hidden subcomponents is a necessity given the increased capabilities of cyber criminals.
Current approaches that rely on passive detection of software miss the underlying reservoir of risk of both OS and application software as well as the hidden risks of vulnerable components within OT/IoT firmware. A new partnership between two leading ICS cybersecurity companies allows organizations to not only identify ‘known’ risks, but immediately check for vulnerabilities hidden in their embedded firmware.
Cybersecurity Webinar: Learn How to Reduce Risk in Industrial Environments
IT-based vulnerability detection solutions often miss more OT vulnerabilities than they detect–or they generate an unmanageable flood of false positives, wasting already over-stretched cybersecurity resources.
This webinar aims to show how decades of OT product naming inconsistency limits the ability of traditional vulnerability tools to determine which of assets are affected by a vulnerability – or the reverse: which vulnerabilities you need to worry about.
The difference between CPEs, CVEs, and CWEs will be explained and real-world examples of naming issues that undermine the usefulness of these resources provided. A primer on Software Bill of Materials (SBOMs) and how enhanced SBOMs build the links between products, vulnerabilities, risks, and asset inventories will be discussed.
Learn how to use those links to get the most out of your investments or to secure the assets that are harder to replace. Three takeaways to help enhance OT vulnerability management and risk monitoring will also be covered.
Eric Byres (CEO, aDolus Technology Inc.) is widely recognized as one of the world’s leading experts in the field of industrial control system (ICS) and Industrial Internet of Things (IIoT) cybersecurity. He is the inventor of the Tofino Security technology – the most widely deployed ICS-specific firewall in the world – licensed by industry giants Honeywell, Schneider Electric, and Caterpillar. Eric is also known for his leadership in international standards and research for industrial communications. Full Bio
Ron Brash (Director of Cybersecurity Insights @Verve Industrial) injects technical expertise from vulnerability research to cyber-risk advisory from several critical infrastructure domains (O&G, energy, utilities, aviation). He has 12+ years of experience working with embedded ICS, possesses a MsCompSci, a Btech, and co-authored a book on Bash programming.