CHAPTER 2

ICS RISK ASSESSMENT

One of the primary use cases for a penetration test, specifically in the context of ICS, is as part of an overall risk assessment process. Multiple tasks from the risk assessment all work in concert to provide the data needed for the final risk calculations, which ultimately help define your risk mitigation strategy. Determining the “likelihood” of a successful attack or incident is a defining characteristic and major component of the final risk calculations. It is also crucial to your risk mitigation strategy if you want your results to be efficient and cost effective by targeting the most immediate and impactful threats first. This determination is especially important if you have limited resources (budget ...

Get Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets & Solutions now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.