*Identify sources for information regarding attacks, exploit capability and tools, and newly discovered vulnerabilities. (Task ID: R2-9215)

*Review ICS-Cert, NERC and other source reports of attacks and develop understanding of how the threats actually work against specific vulnerabilities (Task ID: R2-9346)

*Subscribe to appropriate industry security mailing lists (Task ID: R2-9211)

*Subscribe to intelligence services and open source information subscriptions to be awRe of events (Task ID: R2-9219)

*Subscribe to various information sharing portals relevant to the content. (Task ID: R2-9222)

*Subscribe to vulnerability feeds and maintain information sharing subscriptions. (Task ID: R2-9316)

*Verify assessment tool outputs contain all necessary data elements for vulnerability analysis and risk determination (Task ID: R2-9608)

*Prioritize vulnerability scan results. (Task ID: R2-9492)

*Analyze vulnerabilities to determine risk based on how you have deployed the technology and the likelihood for exploitation (Task ID: R2-9600)

*Develop contract language that requires your technology vendors and service providers to provide information about vulnerabilities and threats to the technology you purchase (Task ID: R2-9243)

*Map newly discovered vulnerabilities to equipment and vendors to track compliance. (Task ID: R2-9816)

*Hire independent third-party auditor to assess/audit toolset coverage and effectiveness (Task ID: R2-9759)

*Maintain a table of attack techniques that align with your deployed technology and business processes (Task ID: R2-9602)

*Implement a honeypot and research the attacks it collects. (Task ID: R2-9253)