Thursday, July 7, 2011

Energy Sector Control Systems Security for the Masses

So maybe you're a migrant from the IT world and you feel down cause you still can't wrap your head around the mystic world of operational technology (OT) security. Well, fret no longer; I have good news for you.

Chris Blask, who I had the pleasure of meeting at the NESCOR meeting in DC last week, is about to take you by the hand for a few minutes, and when you're done reading his piece, you'll know what it's all about.

Yes, that's right: YOU WILL KNOW.

And not just the usual parts about "here's what's wrong with the current picture" and "why you need to be concerned," but you'll also get a direct dose of "what you need to do to fix this."

I have to give you a few choice snippets to whet your whistle before I invite you to jump to the full article on Infosec Island:
If you operate a control system network today the security of your ICS is almost definitely in a Rumsfeldian "Known Unknown" state: you know that you do not know if your ICS is under attack right now.
and ...
The solution to industrial cyber security is to do your best to build a reliable cyber system - just as you do with the physical assets in the industrial process - then monitor it like a convicted criminal in solitary confinement.
OK, you got the general idea? Good, then you're ready to proceed by clicking HERE.

BTW, Chris is now serving as VP of Industrial Control Systems at the somewhat frightening sounding AlienVault, and earlier in his career was founder of the well respected ICS security firm Lofty Perch.

No comments: