Thursday, October 21, 2010

Utilities could shoot to Roll with Stuxnet Junior's Punch - an SGSB Reader Chimes In

Got this comment in response to my most recent Stuxnet post - Surviving Stuxnet and its Offspring. It's from an IT security pro at AEP:
A viable question is:
If we know we can't practically defend against Stuxnet or its spawn, what is our approach? Giving up is not an option. "Roll with the punch" may end up being a viable strategy. How could we design control systems, or other IT environments for that matter, to be resilient enough to take a potential knock out punch and yet be able to come back up swinging? Another question may be, "in the end, can we optimize our investment by planning to take the punch rather than futilely hiding from it?" 
I think this is a great way of conjuring where we were trying to go (mentally) at the recent Smart Grid Survivability workshop, and where we need to get to asap as an industry. 

No comments: