Control System Cyber Incidents and Why They are so Often Overlooked

Thursday, April 09, 2015

Joe Weiss

201d6e4b7cd0350a1a9ef6e856e28341

Cyber security is now a very hot subject. However, the discussions are about IT cyber security and data breaches not control system cyber security and equipment damage. Where there have been discussions about control system cyber security, the discussions generally focus on the lack of documented control system cyber incidents.

The lack of documented incidents is generally due to lack of appropriate control system cyber security forensics and/or lack of appropriate training for Operations staff to identify the incidents as cyber. However, control system cyber incidents continue to occur and continue not to be identified as cyber. Identifying control system cyber incidents can provide a basis for developing and implementing appropriate control system cyber security technologies, policies, and training. Senior management often doesn’t believe control system cyber security is real, which results in the lack of senior management buy-in. Identifying control system cyber incidents can demonstrate to senior management the problem is real and the consequent need to support a control system cyber security program.

The following article provides a good discussion about this subject: http://www.csmonitor.com/World/Passcode/2015/0323/How-cyberattacks-can-be-overlooked-in-America-s-most-critical-sectors

This was cross-posted from the Unfettered blog. 

8820
Firewalls IDS/IDP Network Access Control Network->General SCADA Breaches CVE DB Vulns US-CERT
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.