FireEye’s Mandiant Threat Analysis and MITRE have partnered to produce a new framework that will merge the two separate Business ATT&CK and ICS ATT&CK knowledge bases into a single unified view covering attacker activity in both IT and OT.
When designing its ICS ATT&CK matrix, MITRE emphasised that both Business ATT&CK and ICS ATT&CK need to be understood in order to reliably map threat actor activity through OT incidents. But just as the historical division between IT and OT can lead to a loss of visibility between the two, the division of ATT&CK into Company and ICS can also lead to a loss of information about the intruder's actions.
The issue depends on what FireEye defines as ‘intermediary networks’. These may structurally be part of OT, but they still run on normal business operating systems. They are used to manage the facilities of the ICS and thus ...
Copyright of this story solely belongs to cybersguards.com.