A key defense against increasing industrial cyber threats is to fully identify and inventory all your operational technology (OT) assets, including communication pathways. Every cybersecurity process becomes easier and more effective, when you have good asset visibility.

Download this infographic now to discover the 10 reasons why industrial organizations need better asset visibility.

Dragos is excited to present the fifth year of the annual Dragos Year In Review report on Industrial Control System (ICS)/ Operational Technology (OT) cyber threats, vulnerabilities, assessments, and incident response observations.

The ICS/ OT community has long suffered from more anecdotes on security than insights driven from data and real-world cases given the sensitivity of the subject. A lack of insights into the ICS/OT threat landscape and state of security prevent the community from having meaningful discussions on how to address today's challenges.

Download this Year in Review to discover the reality into the discussion as an attempt to move the conversation and security efforts forward.

In 2021, the industrial community attracted high-profile attention. Major cybersecurity incidents struck industrial organizations in a range of sectors, with international headlines detailing everything from a compromise of a water treatment facility with intent to poison its community to a ransomware attack against a pipeline operator that disrupted gas supplies to the southeast United States.

These reports underscored the potential devastating outcomes a security breach of critical infrastructure could have on communities and a country's economy. They also elevated the discussion the ICS/OT* community has been having for years on cyber readiness and brought them to the proverbial kitchen table—and the policymakers' and regulators' office desks, too.

Download this whitepaper now to read the ICS/OT cybersecurity executive summary.

As enterprises invest heavily in digital transformation, industrial cybersecurity will increasingly serve as a critical enabler for safely and securely advancing business goals through technological innovation.

Advancing connectivity and digitalization of operational technology (OT) provides significant benefits to the business, including:

• Increased automation
• Improved process efficiency
• Better asset utilization
• Enhanced telemetry of machinery for business forecasting
• Equipment maintainability

Download this guide to discover more about the importance of industrial cybersecurity.

Threats to industrial infrastructure security are an extremely sensitive matter. Given the unique realities of industrial operations it is often harder for defenders to react than for adversaries to leverage public information. The more time the community has to implement mitigations before new malicious capabilities become public, the better the effects of any attempted attacks can be reduced.

PIPEDREAM is the seventh known Industrial Control Systems (ICS)-specific malware and fifth specifically developed to disrupt industrial processes. PIPEDREAM demonstrates significant adversary research and development focused on disruption, degradation, and potentially destruction of industrial environment and physical processes. It can disrupt, degrade, and potentially destroy industrial environments and processes.

Download this whitepaper for actions you can take to mitigate impacts in your environment.

As the threat landscape continues to evolve with a perpetual influx of new network anomalies and Indicators of Compromise (IOC), prudent defenders must focus on more actionable elements of attack characteristics, such as Tactics, Techniques and Procedures (TTPs). One such example of this is the Initial Access Tactic.

Initial access is one of the most important adversarial tactics and may form the critical dependency on which further tactics rely, or conversely it may be the end goal in itself. Irrespective of the adversary's intent, preventing successful initial access is paramount in preventing successful intrusions against your organization.

This whitepaper steps through the most common initial access techniques Dragos observes being utilized by activity groups in order to equip defenders with some of the vital elements of threat behavior knowledge and thus address the associated risks.