A vulnerability is a flaw or weakness in system security procedures, design, implementation, or internal controls that could be exercised (accidentally triggered or intentionally exploited) and result in a security breach or a violation of the system’s security policy The goal of the vulnerability assessment is to develop a list of system vulnerabilities that could be exploited by the potential threat sources.
For OT Vulnerability Assessment, the combination of Active Scanning and Passive Monitoring method should be considered to achieve greater transparency in the environment and at the same time minimise the possible impact to the system.
Typical Vulnerability Assesment Approach
Host Security Assessment
Network Security Assessment
Architecture Security Review
Benefits
Allows understanding of threats and vulnerabilities in OT
environments
Allow the identification of appropriate counter
measures in OT environments
Provides clear recommendations to reduce cyber threats
Recommendations in line with budget and risk appetite
“Attila Cybertech offers a comprehensive range of cybersecurity solutions that are grounded in our deep knowledge of operational technology assets and networks
keeping you in compliance and protected from ever changing threats, so you can focus on producing at optimal output.”
For each risk level derived, compare it against the risk tolerance level defined by the organisation
Risk scenarios with risk levels above the tolerance level must be prioritised for treatment until the risk levels fall to within the tolerance level
When prioritising risk for treatment, the expected duration should also be established
“Regardless of whether you need selective support or a comprehensive solution With Attila’s holistic approach to protecting your OT environment, we offer you a unique portfolio. We are your trusted partner, from risk identification, analysis, evaluation to mitigation recommendations”
