Radiflow: New Approach for Classifying OT Attack Flaws

  /     /     /  
Publicated : 23/11/2024   Category : security

Radiflow: New Approach for Classifying OT Attack Flaws


The firm says risk assessment should begin with understanding attacker taxonomy and continue with vulnerability analysis.


Radiflow has a new approach for organizing attack characteristics and evaluating vulnerabilities on OT networks, the industrial cybersecurity company announced today.
While reporting on security incidents and attack campaigns is growing, each reporting organization has a different approach for analysis, the firm explains in a new whitepaper. The current lack of a single taxonomy to analyze security incidents leads to difficulties in understanding the threat landscape in an unbiased way, says Yehonatan Kfir, Radiflows CTO.
The whitepaper dives into several highly publicized security incidents over the past 10 years — for example, the Triton and Ukraine electricity blackout incidents. Experts present a new evidence-based taxonomy for assessing and classifying the impact of each on OT networks.
Radiflow says the next step in risk analysis for critical infrastructure operators and industrial firms is determining the impact of disclosed vulnerabilities. It says this should be done based on the context of the firms OT network and business logic related to relevant attacker models.
Experts argue there are issues with existing classification methods. NIST and ICS-CERT, the two major vulnerability disclosure organizations, use scoring standards for assessing security flaws with a bias toward IT networks. In particular, they say, there are issues with the potential of a vulnerability to compromise sensitive data and cause noncompliance with regulations.
Read more details
here
.

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security
▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security
▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
 		Exploits Vulnerability
 		Exploit Shellcodes

CVE List
 		Tools/Apps
 		News/Aarticles

Phishing Database
 		Deepfake Detection
 		Trends/Statistics & Live Infos



Tags:
Radiflow: New Approach for Classifying OT Attack Flaws