Patching in a Rush? Risky Business for SCADA and ICS Security

Posted by Eric Byres on 03/04/2013

In my last blog, I discussed the reasons why critical industrial infrastructure control systems are so vulnerable to attacks from security researchers and hackers, and explained why patching for such systems is not a workable solution.

But let’s now examine the good, the bad and the ugly details of patching as a means to secure SCADA and ICS systems. And to begin, let’s suppose patches could be installed without shutting down the process (for example, through the staged patching of redundant controllers)…

“You may run the risks, my friend…” Image Credit: pictureshowpundits.com Read more »

Posted in Industrial Security
Tags: Patching, Risk Assessment, Security Risks
Leave a comment

SCADA Security: Justifying the Investment

Posted by Frank Williams on 26/03/2012

In my blog article Industrial Data Compromise – The New Business Risk I recommended that End Users and Control Engineers need to redouble their efforts in relation to securing their process. However, finding the best way to justify the costs of implementing and maintaining a more secure process environment is new territory even for the most seasoned control system engineer. In this article I suggest a way to determine the right amount of investment in ICS and SCADA security measures. Read more »

Posted in Industrial Security
Tags: CFO, Microsoft Windows, Process Control Network/PCN, Risk Assessment, Stuxnet, TCP/IP
Leave a comment

WiredMinds eMetrics tracking with LeadLab

beldensolutions.com

Featured Bloggers

Popular Tags

Post navigation

Patching in a Rush? Risky Business for SCADA and ICS Security

SCADA Security: Justifying the Investment

Post navigation

Subscribe

On Twitter