Archive for February, 2012

Byres on defense in depth #pauto #cybersecurity #automation

Eric Byres talks about Sun Tsu, the Maginot Line, Blitzkrieg and defense in depth for industrial control security.
 http://www.tofinosecurity.com/Blog/defense-depth-key-scada-security
Terrific article! 
 

Netherlands ICS Cyberhorror @Hulsebos #SCADA #mfg #pauto #security #manufacuring

Im hijacking Joe’s blog for a post of my own. 
With a hat tip to Byres Security division of Hirschman/Belden, here’s a link to a very good article by Rob Hulsebos, a recognized industrial networking expert who happens to live in The Netherlands.
http:…

How valuable is the ICS-CERT? Is it focused on the right issues?

A control system is generally composed of a human-machine interface (HMI) that is often a Windows-based system and field controllers. The HMI is essentially an IT system with IT vulnerabilities. The field controllers generally use proprietary real time…

ISA sets up two new classes of membership @ISA #pauto #automation #isa #mfg #automation

After much arguing and many people like me pushing them to do something, anything to make themselves more relevant, ISA has taken the first baby steps in that direction. They still have to figure out what real value added member benefits are, instead o…

ISA sets up two new classes of membership @ISA #pauto #automation #isa #mfg #automation

After much arguing and many people like me pushing them to do something, anything to make themselves more relevant, ISA has taken the first baby steps in that direction. They still have to figure out what real value added member benefits are, instead o…

New Security System Survey

This news release just crossed my desk. Might be worth your time to fill this out.
SECURITY INCIDENTS ORGANIZATION CONDUCTING FIRST CONTROL SYSTEM SECURITY BENCHMARK SURVEY              SELLERSVILLE, Pa. – The Security Incidents Organiza…

New Security System Survey

This news release just crossed my desk. Might be worth your time to fill this out.
SECURITY INCIDENTS ORGANIZATION CONDUCTING FIRST CONTROL SYSTEM SECURITY BENCHMARK SURVEY              SELLERSVILLE, Pa. – The Security Incidents Organiza…

Take the @SecurityIncidentsOrg survey on cybersecurity in control systems #pauto #cybersecurity #mfg #manufacturing

Full disclosure: I am a member of the RISI Advisory Board. I do strongly urge you, if you are involved with industrial control systems at all, to take this survey. read more

What is more important – cyber vulnerabilities or actual cyber incidents?

The recent S4 Conference has shone a light on the cyber vulnerabilities of many industrial
controllers.  The vulnerabilities identified are generally textbook IT vulnerabilities – use of weak passwords, use of Telnet, cross-site scripting weaknesses, …

Thursday Morning Scary Read

Nancy Bartels driving the blogging machine here this morning. I am not by nature an alarmist, and I tend to ignore headlines that say (or imply) "OMG, we’re all going to die!" On the other hand, when you smell smoke in the kitchen for longer …