Yesterday the DHS ICS-CERT published a link to a National
Cybersecurity and Communications Integration Center (NCCIC) recommended
practices document; “Updating
Antivirus in an Industrial Control System”. This is essentially the same
guidance (complete with the same ICS network architecture diagram) that
ICS-CERT published last fall in their Sep-Oct
2017 Monitor.
The timing for this publication is interesting with all of the
current
brouhaha about Microsoft not allowing automatic updates being sent to
systems that do not have an updated AV registry key.
As I said last fall, nothing new here. The addition of this
new recommended practice document just means that ICS-CERT has another document
to link to for the mitigation measures portion of their advisories and alerts.
Posts
No comments:
Post a Comment