Dragos is excited to present the fifth year of the annual Dragos Year In Review report on Industrial Control System (ICS)/ Operational Technology (OT) cyber threats, vulnerabilities, assessments, and incident response observations.

The ICS/ OT community has long suffered from more anecdotes on security than insights driven from data and real-world cases given the sensitivity of the subject. A lack of insights into the ICS/OT threat landscape and state of security prevent the community

In 2021, the industrial community attracted high-profile attention. Major cybersecurity incidents struck industrial organizations in a range of sectors, with international headlines detailing everything from a compromise of a water treatment facility with intent to poison its community to a ransomware attack against a pipeline operator that disrupted gas supplies to the southeast United States.

These reports underscored the potential devastating outcomes a security breach of critical

As enterprises invest heavily in digital transformation, industrial cybersecurity will increasingly serve as a critical enabler for safely and securely advancing business goals through technological innovation.

Advancing connectivity and digitalization of operational technology (OT) provides significant benefits to the business, including: Increased automation Improved process efficiency Better asset utilization Enhanced telemetry of machinery for business forecasting

Threats to industrial infrastructure security are an extremely sensitive matter. Given the unique realities of industrial operations it is often harder for defenders to react than for adversaries to leverage public information. The more time the community has to implement mitigations before new malicious capabilities become public, the better the effects of any attempted attacks can be reduced.

PIPEDREAM is the seventh known Industrial Control Systems (ICS)-specific malware and fifth

As the threat landscape continues to evolve with a perpetual influx of new network anomalies and Indicators of Compromise (IOC), prudent defenders must focus on more actionable elements of attack characteristics, such as Tactics, Techniques and Procedures (TTPs). One such example of this is the Initial Access Tactic.

Initial access is one of the most important adversarial tactics and may form the critical dependency on which further tactics rely, or conversely it may be the end goal

Ransomware groups are getting bolder and demanding higher ransoms.

In the 2022 Ransomware Threat Report, Unit 42 threat researchers and incident responders provide on-the-ground threat analysis of top ransomware groups, the range of cases handled by the team and an in-depth analysis of the newer tactics the groups are using to shame their victims into paying ransoms.

Download the report now to gain insights into: Established and emerging ransomware groups, including

Having a retainer agreement in place with a trusted security advisor accelerates your ability to recover after an attack and resume normal business operations. The Unit 42 Retainer is custom-built to fit your organization's needs as you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial.

IDC recently conducted a research survey into the trends, challenges and benefits associated with IR and readiness.

Download this thought leadership white paper to gain insights into: Organizations' cybersecurity maturity level IR purchase methods, retainers and SLAs Top incident response provider capabilities The importance of telemetry, cloud IR and remediation This research data enables you to see how your organization compares by industry, company size, and more

Cloud environments are inherently designed to be dynamic and scalable, which means even simple mistakes can lead to expensive, complicated incidents with outsized impact.

Unit 42 is doubling down on Cloud Incident Response practice to provide an optimized approach for each stage of the cloud incident lifecycle, resulting in faster recovery for impacted organizations.

Read the At a Glance to learn: Our new optimized approach to cloud IR process The cutting-edge

An incident response plan and retainer are critical to organizational security, but fewer than 50% of organizations have these procedures and SOPs in place.

ESG's e-book examines the incident readiness market, reveals how far organizations have come in IR planning and what requirements are still needed to combat data breach incidents and cybercriminals.

Download the e-book and get insight into: Drivers and efficacy of incident readiness services purchased Best