Loading…
This event has ended. Visit the official site or create your own event on Sched.
Welcome to the Interactive Agenda for SecurityWeek’s 2018 ICS Cyber Security Conference! (View the full conference website here)  (You can Register for ICS Cyber Security Conference Here
View analytic
Wednesday, October 24 • 4:15pm - 5:00pm
Finding the Weakest Link in Your ICS Network Using Exploit Path Analysis (EPA)

Sign up or log in to save this to your schedule and see who's attending!

Most cybersecurity risk management practices are centered around identifying and mitigating
vulnerabilities of individual IT/OT hardware and software assets, instead of on aggregated vulnerabilities of interconnected assets in an ICS environment. Very often, the company CISO and his/her security team are interested in knowing what the weakest link (the most vulnerable
path) in an ICS network would be, in order to allocate the right resources and achieve defense-in-depth cost-effectively with maximized return on investment. The current techniques of attack or exploit path analysis are mostly conducted at an abstract level and have little relevance to real ICS assets and control networks.

In this session, we will present a quantitative model of exploit path analysis (EPA) in complex
ICS networks. An exploit path represents a potential route through a network an adversary may
use to exploit IT and OT assets and launch attacks. The aggregated vulnerability of a path depends not only on the vulnerabilities of individual assets along the path, but also on asset compositions and their connective relationships in a network. Our approach integrates various security techniques, including consolidated asset management, automated vulnerability discovery, and dynamic network analysis, into an extensible framework. We will review several existing attack or exploit path models and introduce the analysis metrics and concepts based on probabilities for identifying the weakest link. We will demonstrate the use of EPA through some sample use cases and how it can be used to support quantitative decision making in enhancing an organization’s ICS cybersecurity readiness.

The EPA development is sponsored by the Department of Energy (DOE) through a research
grant.

LEARNING OBJECTIVES
  • What is EPA and what are its benefits for ICS?
  • What are the important analysis factors and metrics for EPA?
  • How are threat and vulnerability modeled in EPA?
  • How the EPA can be used to support quantitative cybersecurity risk analysis?
  • How to apply EPA in organizational decision making with respect to ICS cybersecurity?


Speakers
avatar for Dr. Nick Duan

Dr. Nick Duan

CTO, D-Tech
Dr. Nick Duan is the President and Chief Information Officer of D-Tech, LLC, an R&D firmspecializing in cybersecurity products and services. He has over 30 years of experience insoftware design and project development, with a wide range of expertise in cybersecurity,identify and access management, data modeling, and system design and development. Prior to D-Tech... Read More →


Wednesday October 24, 2018 4:15pm - 5:00pm
Windsor C