Over the past year Dragos has released information about eight threat activity groups that have targeted industrial companies. These groups range from espionage, to learning industrial environments for future effects, to causing a power outage and targeting human life directly. But what are threat activity groups? They are different than what is normally tracked in the community as threat actors and have a different focus for defenders. This presentation will highlight what activity groups are, what Dragos’ approach has been with them for identifying ICS threats, and how they serve as the basis for the threat analytics which fuels the intelligence-driven approach Dragos takes in our software and services.
Attendees will learn:
What are threat activity groups
What is Dragos’ approach for identifying ICS threats
How threat analytics fuels an intelligence driven approach
Why intelligence is a critical component of ICS threat detection and response