No Love for CVSS—ICS Industry Leaders Caution Reliance on the IT Standard

No Love for CVSS—ICS Industry Leaders Caution Reliance on the IT Standard

The Common Vulnerability Scoring System (CVSS) is designed as a numeric measure of vulnerability and is widely used in IT organizations as a method to understand and prioritize remediation efforts. When it comes to using CVSS scores in the world of the Internet of Things (IoT), Industrial Control Systems (ICS), or more broadly Operations Technology (OT), there are many challenges, and some would[...]