7 days ago finished the eight version of the SANS SCADA Summit at Orlando. Conferences were really great and it was a great opportunity to see that I am not the only CISO that is having trouble developing and implementing an information security program to the ICS world of the company. The most important conclusions obtained back there are:
SCADA/ICS systems manages critical infrastructure and could be a target addressed by any irregular and ilegal group. For all us who work to companies where SCADA/ICS systems are vital to business, it will become the most important information asset to protect, as it could be used to destroy all the assets used to ensure company's future money.
Manuel Humberto Santander Peláez |
Manuel Humberto Santander Pelaacuteez 194 Posts ISC Handler Feb 20th 2013 |
Thread locked Subscribe |
Feb 20th 2013 8 years ago |
Hi, Manuel!
Include into compliance list TCG IF-MAP for SCADA/ICS. http://news.infracritical.com/pipermail/scadasec/2013-February/010426.html |
Anonymous |
Quote |
Feb 21st 2013 8 years ago |
Scada software and the related systems tend to be very sensitive to changes. The operators do need education in how IT can help, but IT has to remember that they just cannot jump in and make changes without being careful.
SCADA systems that are not reliable can shut down the water or electricity for an entire city - or worse. SCADA operators prize reliability for very good reasons. |
KBR 63 Posts |
Quote |
Feb 21st 2013 8 years ago |
Sign Up for Free or Log In to start participating in the conversation!