Could a HVAC vulnerability leave you liable to a massive NIS fine?

Who’s liable when the vulnerability is in equipment from a third party supplier? Under NIS it’s likely to be you!

The McAfee Labs Advanced Threat Research team has uncovered a zero-day vulnerability in an industrial control system (ICS) used for building management systems including heating, ventilation and air conditioning (HVAC.) The zero-day itself has now been patched, but the questions of who is liable for supply-chain security risk exposure remains. SC Media UK has been getting the answers.

Click here to read complete article