Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
IoT and OT Security Handbook

You're reading from   IoT and OT Security Handbook Assess risks, manage vulnerabilities, and monitor threats with Microsoft Defender for IoT

Arrow left icon
Product type Paperback
Published in Mar 2023
Publisher Packt
ISBN-13 9781804619803
Length 172 pages
Edition 1st Edition
Arrow right icon
Authors (2):
Arrow left icon
Smita Jain Smita Jain
Author Profile Icon Smita Jain
Smita Jain
Vasantha Lakshmi Vasantha Lakshmi
Author Profile Icon Vasantha Lakshmi
Vasantha Lakshmi
Arrow right icon
View More author details
Toc

Table of Contents (16) Chapters Close

Preface 1. Part 1: Understand the Challenges in IoT/OT Security and Common Attacks
2. Chapter 1: Addressing Cybersecurity in the Age of Industry 4.0 FREE CHAPTER 3. Chapter 2: Delving into Network Segmentation-Based Reference Architecture – the Purdue Model 4. Chapter 3: Common Attacks on IoT/OT Environments 5. Part 2: How Microsoft Defender for IoT Can Address the Open Challenges in the Connected World We Live in Today
6. Chapter 4: What Is Microsoft Defender for IoT? 7. Chapter 5: How Does Microsoft Defender for IoT Fit into Your OT/IoT Environment/Architecture? 8. Chapter 6: How Do the Microsoft Defender for IoT Features Help in Addressing Open Challenges? 9. Part 3: Best Practices to Achieve Continuous Monitoring, Vulnerability Management, Threat Monitoring and Hunting, and to Align the Business Model Toward Zero Trust
10. Chapter 7: Asset Inventory 11. Chapter 8: Continuous Monitoring 12. Chapter 9: Vulnerability Management and Threat Monitoring 13. Chapter 10: Zero Trust Architecture and the NIST Cybersecurity Framework 14. Index 15. Other Books You May Enjoy

Validating ZTA with attack vectors

ZTA implementations can be validated by creating attack vector reports. These reports give you a visual simulation of the attack vector and path to the specific asset. The following screenshot shows how a PLC may be attacked by navigating connected devices in the path:

Figure 10.8 – An attack vector report

The preceding figure shows the attack vector simulation on an important device, PLC1.

The path from the internet to the PLC can be achieved in three easy steps:

  1. Workstation 1 has an internet connection.
  2. There are known vulnerabilities on the device that the attacker may leverage to compromise the device.
  3. There is network connectivity between two subnets, meaning the attacker may enter another network. Also, there are known vulnerabilities on the PLC device, which may be used to compromise the PLC.

Simulation is an integral part of any cybersecurity program. However, given the sensitivity...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image