Items Tagged with "ICS"


3e35900ae6facc6c146a85c435c71d82

Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure

April 09, 2013 Added by:Ben Rothke

In Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure, authors Eric Knapp and Raj Samani provide and excellent overview on what the smart grid is and how it can be secured.

Comments  (1)

682e0e796084e163c5ca053dd8573b0c

Making Patching Work for SCADA and Industrial Control System Security

April 05, 2013 Added by:Eric Byres

Applying patches is a critical part of good security. According to US-CERT, about 95% of all network intrusions could have been avoided by keeping systems up to date with appropriate patches. What I am against is patching as a knee-jerk reaction to security vulnerabilities. You can’t expect your control system to operate reliably if you don’t have a controlled process for patching.

Comments  (0)

201d6e4b7cd0350a1a9ef6e856e28341

The Threat to Industrial Control Systems from Physical Persistent Design Features (PPDF)

April 01, 2013 Added by:Joe Weiss

Industrial control systems (ICSs) were designed for reliability and safety and to enable system operability and functionality. Many ICSs were originally designed before networking was commonplace. Consequently, cyber security was not a design consideration.

Comments  (0)

682e0e796084e163c5ca053dd8573b0c

SCADA and ICS Security Patching: The Good, the Bad and the Ugly

March 26, 2013 Added by:Eric Byres

Let's examine the good, the bad and the ugly details of patching as a means to secure SCADA and ICS systems. And to begin, let’s suppose patches could be installed without shutting down the process...

Comments  (1)

682e0e796084e163c5ca053dd8573b0c

SCADA and ICS Security: Welcome to the Patching Treadmill

March 15, 2013 Added by:Eric Byres

After Stuxnet, security researchers and hackers on the prowl for new targets to exploit shifted their efforts to critical industrial infrastructure. Unfortunately, the SCADA and Industrial Control Systems applications they are now focusing on are sitting ducks.

Comments  (0)

682e0e796084e163c5ca053dd8573b0c

Time to Speak Up on New IF-MAP Specs for ICS and SCADA Security

February 12, 2013 Added by:Eric Byres

Something I believe industry urgently needs is better standards for information exchange between security solutions. Unfortunately while TCG has had feedback from the IT community, they have received little from the SCADA or ICS community. I encourage everyone involved with SCADA and ICS security to review the specification.

Comments  (0)

682e0e796084e163c5ca053dd8573b0c

SCADA Security Directions for 2013 - How Will ICS and SCADA Security Change in 2013?

February 01, 2013 Added by:Eric Byres

You see, every January I get asked to make between three and five predictions for the upcoming year. Then every December people remind me that I made those predictions 12 months ago. Then they get to tell me how poorly I did.

Comments  (0)

54a9b7b662bfb0f0445d1661d7ed180b

Optimism... or Special Interests?

October 31, 2012 Added by:Jayson Wylie

There seems to be some political purpose to the current interests around Kaspersky. They are becoming involved in investigating malware of a cyber weapon nature instead of the constant pursuit of Trojan variants and financial fraud that is more damaging to the masses originating around their home office...

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

The Difference Between ICS/DCS and SCADA Security

August 20, 2012

Anthony M. Freed, from Infosec Island met up with James Arlen at the 2012 BlackHat Conference in Las Vegas to learn more about the differences between the two systems, how people view them, how to differentiate between the two, and what needs to happen in order for people and businesses to stay safe...

Comments  (0)

6d117b57d55f63febe392e40a478011f

BSidesLV 2012: Termineter Framework and Smart Meter Testing

July 31, 2012

The "Power Grid" is a growing topic in the security industry and Advanced Metering Infrastructure (AMI) is a topic that hasn't been discussed to its full potential. Spencer's presentation discussed the types of vulnerabilities found in Smart Meters, and gave examples from real world assessments he conducted...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Electricity Subsector Cybersecurity Capabilities Maturity Model

July 03, 2012

The goal of the Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2) is to support ongoing development and measurement of cybersecurity capabilities within the electricity subsector. The model was developed to apply to all electric utilities, regardless of ownership structure, size, or function...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Report Examines Increasing Threats to Critical Infrastructure

June 21, 2012 Added by:Headlines

“Outdated security methods that use a maze of disparate, multi-vendor, and stacked security tools will only delay a cyber attack, providing numerous opportunities for a more advanced and modern cyber adversary to attack cyber security postures throughout critical infrastructure...”

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Stuxnet, Flame, Duqu Less Dangerous than Conventional Attacks

June 21, 2012 Added by:Headlines

“Our advice to ICS and SCADA network managers is to be informed of new threats like Flame, but be especially vigilant against the more conventional, widely understood threats. In all likelihood, a simple denial-of-service attack has a better chance of wreaking havoc on their network than Stuxnet or Duqu"...

Comments  (0)

5106d48203954b74e6ea495e5c7f21b0

The Need for Improved Critical Infrastructure Protection

June 13, 2012 Added by:William Mcborrough

Tackling the problem of critical infrastructure protection will take concerted efforts from the public and private sectors. An appropriate governance structure is needed to avoid the inevitable over-reaction that will follow the inevitable catastrophic attack against our critical infrastructure...

Comments  (4)

0a8cae998f9c51e3b3c0ccbaddf521aa

SCADA Security: Consequences and Difficulty with Incentives

May 18, 2012 Added by:Rafal Los

Here's the problem - when it comes to critical infrastructure protection it's very difficult to legislate and regulate the organizations that matter into a state of better security. The problem is that in order to enforce policy and rules there either have to be consequences to failing, or incentives not to fail - or both...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

DHS: Industrial Control Systems Threats Increasing

May 03, 2012 Added by:Headlines

“We pay particular attention to industrial control systems. We’re seeing a troubling increase in the threats and the vulnerabilities associated with those. But we are making progress on that, I think,” DHS deputy undersecretary for cybersecurity Mark Weatherford said...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »