Sugar Land, Texas (June 18, 2021) – ThreatGEN, a leading OT cybersecurity firm and creator of the ThreatGEN® Red vs. Blue cybersecurity gamification platform, announced today that they have been selected by the Linking the Oil and Gas Industry to Improve Cybersecurity (LOGIIC) program, a collaboration of oil and natural gas companies and the U.S. Department of Homeland Security, Science and Technology Directorate, to perform a study of the Common Vulnerability Scoring System (CVSS) and provide an alternative scoring system that more effectively addresses risk to industrial systems. The Industrial Vulnerability Scoring System (IVSS), created by ThreatGEN and presented at the S4x19 conference, will provide the foundation for the study’s new scoring system.
The effort will be led by ThreatGEN’s industry experts, Founder & CEO Clint Bodungen (lead author of Hacking Exposed: Industrial Control Systems) and Director of Threat Services Pascal Ackerman (author of Industrial Cybersecurity: Efficiently secure critical infrastructure systems). The outcome of the study will provide the means for researchers and industrial operators to score vulnerabilities, taking into consideration industrial consequences and impacts to safety, production, and reliability. The IVSS will be a supplemental score for industrial application, rather than a replacement for the overall existing CVSS scores.
At the conclusion of the study, the IVSS scoring tool will be available to the public via ThreatGEN’s website.
The LOGIIC (Linking the Oil and Gas Industry to Improve Cybersecurity) program is an ongoing collaboration of oil and natural gas companies and the U.S. Department of Homeland Security, Science and Technology Directorate. LOGIIC undertakes collaborative research and development projects to improve the level of cybersecurity in critical systems of interest to the oil and natural gas sector. The objective is to promote the interests of the sector while maintaining impartiality, the independence of the participants, and vendor neutrality.
The Automation Federation serves as the LOGIIC host organization and has entered into agreements with the LOGIIC member companies and all other LOGIIC project participants. Member companies contribute financially and technically, provide personnel who meet regularly to define projects of common interest, and provide staff to serve on the LOGIIC Executive Committee. Current members of LOGIIC include BP, Chevron, ConocoPhillips, Shell, Total, and other large oil and gas companies that operate significant global energy infrastructure. The U.S. Department of Homeland Security, Science and Technology Directorate has contracted with scientific research organization SRI International to provide scientific and technical guidance for LOGIIC.
Industrial control, automation, package, security, and other vendors have made LOGIIC projects possible by volunteering their time, knowledge, equipment, and test environments. Subject Matter Experts make significant contribution by working with SRI International to refine the evaluation strategy, perform the system evaluations, and develop the project reports.
ThreatGEN bridges the “Operational Technology (OT) cybersecurity skills gap” utilizing the ThreatGEN® Red vs. Blue cybersecurity gamification platform and our OT Security Services, both powered by our world-renowned OT cybersecurity experts and published authors. The ThreatGEN® Red vs. Blue cybersecurity gamification platform uses cutting-edge computer gamification to provide an exciting & modernized approach to OT cybersecurity training, both practical and cost effective! Our OT Security Services use our decades of industry experience combined with strategically chosen partnerships to create a holistic service offering.
For more information, visit our company website, follow us on LinkedIn, or follow @ThreatGEN_RvB on Twitter. For further sales information, send an e-mail to firstname.lastname@example.org.
Derezzed Inc. D/B/A ThreatGEN
140900 Southwest Freeway #300
Sugar Land, Texas 77478
+1 (833) 339-6753
#industrial #OT #cybersecurity #cybersecuritynews