Skip to main content
search
All BlogsCritical InfrastructureCyber-Physical Systems ProtectionIdentity-Based SecurityIndustrial CybersecurityProducts and FeaturesZero Trust

Introduction to Zero Trust Models with MITRE ATT&CK Matrix for ICS

By January 17, 2024No Comments
All BlogsCritical InfrastructureCyber-Physical Systems ProtectionIdentity-Based SecurityIndustrial CybersecurityProducts and FeaturesZero Trust

Introduction to Zero Trust Models with MITRE ATT&CK Matrix for ICS

By January 17, 2024 No Comments

Author: Geoffrey Mattson, CEO, Xage Security

In the rapidly evolving landscape of industrial control systems (ICS) security, understanding and mitigating potential threats is crucial. The MITRE ATT&CK for ICS Matrix offers a comprehensive framework for identifying and analyzing attacker tactics and techniques in ICS environments. However, merely understanding these threats is not enough. Implementing robust defense mechanisms is key. Using a Universal Zero Trust Architecture plays a pivotal role in preventing common, devastating attack tactics that are outlined in the MITRE ATT&CK ICS Matrix.

Here’s a quick video covering the MITRE ATT&CK for ICS Matrix and ATT&CK Navigator, and how a Zero Trust Architecture can help.

What Is A Zero Trust Model for ICS?

Zero trust (ZT) is the term for an evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters to focus on users, assets, and resources…Zero trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location (i.e., local area networks versus the internet) or based on asset ownership (enterprise or personally owned). Authentication and authorization (both subject and device) are discrete functions performed before a session to an enterprise resource is established.”
– NIST 800-207 Zero Trust Architecture

Logging into a corporate account should not grant access to every asset inside the corporate network. Logging into an engineering workstation at a factory should not grant access to every programmable logic controller (PLC), sensor and actuator on the site. Instead, they must verify anything and everything trying to connect to its systems before granting access. In the context of ICS, where the stakes involve critical infrastructure and industrial operations, Zero Trust isn’t just a recommendation—it’s a necessity.

Real world circumstances like the rise of remote work, cloud, and bring-your-own-device policies, alongside the increasing overall complexity and economic importance of industrial systems, are driving the urgent need for zero trust architectures in ICS. 

For a deeper dive into how Xage supports Zero Trust Architectures and the MITRE ATT&CK Framework for ICS, get our Technical Brief: “Mastering MITRE ATT&CK for ICS in Zero Trust Architectures.”

Related Posts

Image of an Arcane Door generated by ChatGPT. All BlogsCyber News
April 26, 2024

ArcaneDoor: Firewall, or Open Door?

MFA for Remote Access All BlogsIdentity-Based Security
April 24, 2024

MFA for Remote Access: Benefits & Challenges

Zero Trust and Microsegmentation All BlogsZero Trust
April 10, 2024

Zero Trust and Microsegmentation

Close Menu