Yesterday afternoon I received a note from another security expert that has left me a bit stunned. Like most of you, I assumed that if you are patching your Windows computers on your SCADA or ICS system (using some variation of Microsoft Windows Update), then any vulnerable services that can be patched will be patched. Well guess again – you may still have a number of open vulnerabilities that are happily being missed by the Windows update service. And scariest of all, you can’t do much about it. Read more
 In my blog article Industrial Data Compromise – The New Business Risk I recommended that End Users and Control Engineers need to redouble their efforts in relation to securing their process. However, finding the best way to justify the costs of implementing and maintaining a more secure process environment is new territory even for the most seasoned control system engineer. In this article I suggest a way to determine the right amount of investment in ICS and SCADA security measures. Read more |