Richard Dahl, founder and ceo of cmplid:// will be speaking at the ICS JWG Spring Meeting in Minneapolis April 11th – 13th. Stop by our booth and say hello if you’re attending.
Vulnerability Management is a difficult function in general, however, for Operational Technology environments, e.g., industrial control systems,
SCADA systems, IoT or other non-traditional technology managers, it is extremely problematic.
Generally, vulnerabilities can be classified as either those resulting from source-code errors or configuration issues within a software package. The
traditional response to known vulnerabilities is then to patch the code or change the configuration to eliminate the vulnerability. However, what do
you do when your OT vendor will not allow either vulnerability remediation technique?
This presentation will discuss this issue and describe a process that can be used to manage vulnerability mitigation measures consistently and
efficiently across OT/IoT environments challenged by the cost or complexity of vulnerability management.