CHAPTER 10

ICS RISK MITIGATION STRATEGIES

As mentioned throughout this book, the value of penetration testing is realized when used in conjunction with threat modeling and as part of an overall risk assessment process to make risk mitigation strategies more efficient and cost-effective. This is effectively the return on investment (ROI) for penetration testing. No organization has unlimited resources, so defensive measures must be prioritized to be most effective and efficient in defense and cost.

image

Many people confuse the terms remediation and mitigation and often use them interchangeably, not knowing the difference. But they are not quite ...

Get Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets & Solutions now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.