Practical SCADA Security

Control System Security Threats, Security / Reliability Incidents, Useful Industrial Cyber Security Tips

Secure Industrial Networks with the Right Tools
Heather MacKenzie
Tuesday, June 4, 2013

Improving the cyber security of industrial networks is a challenge you may be facing.

 

On the one hand your manufacturing processes probably use devices such as PLCs (programmable logic controllers) and DCS (distributed control systems) that were designed with a focus on reliability and safety rather than security. On the other hand your industrial networks are already, or soon will be, connected to your company’s enterprise networks and migrated to Ethernet.
 

In considering how to decrease cyber risk and protect assets, it is important to look for technology solutions that are designed for the plant floor.

 

Some of the differences between plant...

Post a comment
Read more
2,025 reads

SCADA and ICS Cyber Security: Facing the Facts
Eric Byres
Friday, May 3, 2013

Our last blog, contributed by Thomas Nuth, highlighted the fact that industrial cyber security is now being discussed by heads of state within the international community - the Executive Order – Improving Critical Infrastructure Cybersecurity signed by President Obama in February of this year being just one indication of the importance being attached to this issue.

 

Let’s continue the discussion...

Why the Threat Level to SCADA and...

Post a comment
1
Read more
3,814 reads

SCADA Cyber Security: An International Issue
thomas.nuth
Thursday, April 18, 2013

Three years ago, the concept of industrial cyber security became a popular discussion topic within the industrial networking community. Now the discussion has risen to the level of heads of state within the international community. The Executive Order – Improving Critical Infrastructure Cybersecurity signed by President Obama in February of this year is just one indication of the importance being attached to this issue.

 

What’s also interesting is the change in focus of this discussion topic. The key question has changed from an...

Post a comment
Read more
4,038 reads

Securing SCADA Systems: Why Choose Compensating Controls?
Eric Byres
Thursday, April 11, 2013

In my last blog, I shared some secrets on how to successfully use patching in SCADA and control systems.

 

This week, I’ll look at the pros and cons of using compensating controls as an alternative to patching, and discuss the requirements for success.

Addressing Vulnerabilities Through Compensating Controls

If you’ve read my previous blog articles on patching, you’ll understand why ...

Post a comment
6
Read more
3,786 reads

Making Patching Work for SCADA and ICS Security
Eric Byres
Thursday, April 4, 2013

If you have read my previous blogs on patching for control system security, you might think I am completely against patching. Guess what? I’m not against them!

 

Actually, I think applying patches is a critical part of good security. According to US-CERT, about 95% of all network intrusions could have been avoided by keeping systems up to date with appropriate patches. If you never patch, you are leaving your system open to a decade of malware.

 

What I am against is patching as a...

Post a comment
Read more
4,137 reads

 

 

 

 

Eric Byres

 

 

The opinions expressed here are the personal opinions of the Contributors. Content published here does not necessarily represent the views and opinions of Tofino Security

 

© Tofino Security 2013

All Rights Reserved.