Got this comment in response to my most recent Stuxnet post -
Surviving Stuxnet and its Offspring. It's from an IT security pro at AEP:
A viable question is:
If we know we can't practically defend against Stuxnet or its spawn, what is our approach? Giving up is not an option. "Roll with the punch" may end up being a viable strategy. How could we design control systems, or other IT environments for that matter, to be resilient enough to take a potential knock out punch and yet be able to come back up swinging? Another question may be, "in the end, can we optimize our investment by planning to take the punch rather than futilely hiding from it?"
I think this is a great way of conjuring where we were trying to go (mentally) at the recent Smart Grid Survivability workshop, and where we need to get to asap as an industry.
1 comment:
Your post is very nice, it helped me to gather important and new information on cyber security SCADA. Thanks for sharing information
Post a Comment