Loading…
This event has ended. Visit the official site or create your own event on Sched.
Welcome to the Interactive Agenda for SecurityWeek’s 2018 ICS Cyber Security Conference! (View the full conference website here)  (You can Register for ICS Cyber Security Conference Here
View analytic
Monday, October 22 • 11:00am - 11:45am
Embracing Compromise: Enhancing ICS Security With The Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) Framework

Sign up or log in to save this to your schedule and see who's attending!

The idea of embracing compromise might sound unacceptable to some working with industrial control systems and other critical infrastructure. However, today’s systems are too complex with far too many opportunities available for malicious actors to breach an organization’s network. As such, we need to understand the tools and frameworks available for these dreaded yet inevitable times. Fortunately, MITRE has developed a curated knowledge base and framework known as Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK). ATT&CK provides knowledge describing behaviors, actions, and processes that a cyber adversary might utilize once initial access has been gained within an organization’s network. This presentation will start with motivating reasons why ATT&CK is important for cybersecurity in general and for ICS networks particularly. Currently, ATT&CK is specifically designed and published for traditional IT networks. However, there is on-going research towards developing an ICS ATT&CK framework. After introducing ATT&CK, the presentation will describe research that is on-going in the research community to implement the ICS ATT&CK framework along with other works that have used ATT&CK specifically for ICS and Operations Technology. The presentation will conclude with ATT&CK based use cases that ICS organizations can use today in order to enhance their existing cybersecurity operations.  

Speakers
avatar for Lane Thames

Lane Thames

Senior Security Researcher and Software Engineer, Tripwire
Lane Thames is a senior security researcher and software engineer with Tripwire’s Vulnerability and Exposure Research Team (VERT). As a member of VERT, Lane develops software that detects applications, devices, and operating systems along with vulnerability detection and management... Read More →


Monday October 22, 2018 11:00am - 11:45am
Windsor C