February 2012

Use Purchasing Decisions to Demand better ICS Security

Eric Byres made a very good point in his blog article “S4 SCADA Security Symposium Takeaway: Time for a Revolution” about the user community needing to unite and put pressure on automation vendors to improve the security of their products.  I am writing to be, dare I say, more militant about this point.

Factory of the Future meets Stuxnet’s Children: Egad!

Late last year Frost and Sullivan, an international analyst group, released a short report called Current Scenario and Future Landscape in the Automation & Control Systems (ACS) Market.” The report claims that “the field of industrial automation is at a cross roads,” due to “narrowing product definition between individual ACS products, specifically the PLC and DCS product line.”

7 Steps to ICS and SCADA Security plus White Paper

Last year I published two articles titled “Getting Started on ICS and SCADA Security” (Part 1 and Part 2).  As a result of their popularity, I have worked with John Cusimano of exida to develop the material further.  The result is the white paper that we are releasing today titled “7 Steps to ICS and SCADA Security”.  This ar

Cyber Security Nightmare in the Netherlands

The first two weeks of February have been exciting times in the Netherlands, with many cyber security incidents making headlines in the news. One of the most worrisome involved keeping my country, a country that is below sea level, dry.  This task is delegated to industrial systems - and one would expect the safety of millions of people properly managed and kept up to the highest standards. But is it?

Defense in Depth is Key to SCADA Security - Part 1 of 2

In my blog article on the Factory of the Future I mentioned the concept of Defense in Depth. This is such a critical foundation in the field of security that I am going to dedicate a number of columns over the next few weeks to this topic.