Speaking at the Industrial Security Conference in Denmark, MITRE’s director of our Cyber Infrastructure Protection Innovation Center, Mark Bristow, discussed how to ensure operational resiliency in a contested world.
“The control systems cybersecurity community is at a critical point…In too many cases, a compliance-based approach has been taken to ICS cybersecurity which ultimately prioritizes ‘easy to measure’ security controls like patch levels and password complexity,” said Bristow. “These controls will not substantively impact the safety or reliability of the process.”