Recorded: Effective ICS Vulnerability Management

The Debate Over When, Where, and How to Invest.

Even with a good ICS vulnerability management process, most companies struggle to keep up with the myriad ICS alerts and advisories issued by ICS-CERT and automation vendors each month. Typically lacking automated inventory capabilities, industrial process companies struggle to identify new risks to systems responsible for process reliability and safety. It is tough to remediate a vulnerability when you don’t know what you have. Without effective, automated processes to manage vulnerability risk, companies have a false sense of security regarding their organization’s real cyber risks and security investments decisions.

Join Sid Snitkin, vice president and general manager of cybersecurity services at ARC Advisory Group, and Scott Hollis, director of product management at PAS Global, as they square off on what’s truly required for effective ICS vulnerability management. Listen to Scott and Sid exchange views on the current state of industrial vulnerability management maturity. Hear them critique the relative effectiveness of existing approaches. Learn how your organization’s current approach to ICS vulnerability management stacks up by listening to Sid and Scott share what others in the industry are doing.

Key Takeaways

  • See how you can use the ARC Industrial Cybersecurity model to understand where ICS vulnerability management investments can and should fit within your existing ICS cybersecurity program.
  • Learn about ICS vulnerability management best practices, then see a real-world application that reviews a case study on how to identify and remediate a published gas detector industrial vulnerability.
  • Discover what some real-world requirements are for effective industrial vulnerability management, as well as hear what ICS vulnerability management might look like in 2020 and beyond.


Register to View Recording