Tuesday, January 9, 2018

ICS-CERT Publishes AV Update Guidance

Yesterday the DHS ICS-CERT published a link to a National Cybersecurity and Communications Integration Center (NCCIC) recommended practices document; “Updating Antivirus in an Industrial Control System”. This is essentially the same guidance (complete with the same ICS network architecture diagram) that ICS-CERT published last fall in their Sep-Oct 2017 Monitor.

The timing for this publication is interesting with all of the current brouhaha about Microsoft not allowing automatic updates being sent to systems that do not have an updated AV registry key.

As I said last fall, nothing new here. The addition of this new recommended practice document just means that ICS-CERT has another document to link to for the mitigation measures portion of their advisories and alerts.

No comments:

/* Use this with templates/template-twocol.html */