Radiflow has a new approach for organizing attack characteristics and evaluating vulnerabilities on OT networks, the industrial cybersecurity company announced today.
While reporting on security incidents and attack campaigns is growing, each reporting organization has a different approach for analysis, the firm explains in a new whitepaper. "The current lack of a single taxonomy to analyze security incidents leads to difficulties in understanding the threat landscape in an unbiased way," says Yehonatan Kfir, Radiflow's CTO.
The whitepaper dives into several highly publicized security incidents over the past 10 years — for example, the Triton and Ukraine electricity blackout incidents. Experts present a new evidence-based taxonomy for assessing and classifying the impact of each on OT networks.
Radiflow says the next step in risk analysis for critical infrastructure operators and industrial firms is determining the impact of disclosed vulnerabilities. It says this should be done based on the context of the firm's OT network and business logic related to relevant attacker models.
Experts argue there are issues with existing classification methods. NIST and ICS-CERT, the two major vulnerability disclosure organizations, use scoring standards for assessing security flaws with a bias toward IT networks. In particular, they say, there are issues with the potential of a vulnerability to compromise sensitive data and cause noncompliance with regulations.
Read more details here.