OnDemand | ICS & OT Supply Chain Risk Management and Information Sharing for Meaningful Attack Preparedness and Response
ICS and their end-use critical infrastructure organizations can now establish a live view into their organization’s overall security posture inclusive of their external perimeter, while placing focus on ‘crown jewel’ operational technology (OT) assets.
The cybersecurity industry has found that timely and secure information sharing serves to bridge the gap between vulnerability and security. This effort is facilitated through cyber supply chain risk management sharing of asset, vendor organization, and component-level information.
Proactive monitoring and industry-wide collaboration and vigilance are accomplished through supply chain sharing and part automated analysis of security control information and machine-readable documents such as a Software Bill of Materials (SBOM) and Vulnerability Exploitability eXchange (VEX) --now is the time to integrate this information sharing as part of your organization’s security operations.
Timeliness is of the utmost importance when it comes to cyber supply chain risk management. Mitigation efforts can be quickly prioritized when supply chain data is combined with an organization’s security controls, attack frameworks and vulnerability databases. Identifying asset, vendor, and component security controls early while having an up-to-date view of assets via Bills of Materials and VEX information allows for a ‘sleep well’ outcome for any security professional.
Join Fortress VPs Gonda Lamberink and Tony Turner for an exclusive webinar training on how to use information such as SBOMs and VEX to navigate between real-world attacks and the state of an organization’s operational technology.