2020 ICS Cyber Security Conference | USA

Attack Path Mapping (APM) is an innovative approach that some companies have found to be a pragmatic way to reduce cyber risk quickly and cost-effectively. APM focuses on the attack paths that real-life attackers are most likely to use, and then identifying how those attack paths can be better controlled or closed altogether.
Conventional approaches such as penetration testing and red teaming, while valuable, can be of limited usefulness to companies seeking to reduce cyber risk. This is particularly true in Operational Technology (OT) and Industrial Control System (ICS) environments where conventional approaches sometimes yield ever-growing lists of technical vulnerabilities which are difficult or impossible to fix.

For example: Attackers are likely to try and compromise the corporate network as a precursor to 'jumping the air-gap' to reach ICS systems. Understanding how they would do that, and strengthening the controls needed to frustrate those attack paths, can often be achieved much more quickly and cost-effectively than seeking to upgrade the ICS environment itself.

This talk will present recent APM case studies in energy CNI organizations, illustrating how cyber risk was reduced in this way and demonstrating how this approach can be of benefit to Incident Readiness and Response within CNI organizations. Attendees will gain a practical understanding of how this approach can be applied in their own organizations, and an appreciation of where APM is - and is not - likely to be helpful.

Sponsored by: F-Secure