Items Tagged with "SCADA"


201d6e4b7cd0350a1a9ef6e856e28341

Unintentional ICS Cyber Incidents Have Had Significant Impacts on Nuclear Plants – Why Aren’t they Being Addressed?

October 02, 2014 Added by:Joe Weiss

The NIST definition of a cyber incident as defined in FIPS PUB 200, Minimum Security Requirements for Federal Information and Information System, is electronic communications between systems or systems and people that impacts Confidentiality, Integrity, and/or Availability. The incident doesn’t have to bemalicious or targeted to be a cyber incident

Comments  (0)

457ad4752923de991424e3d0f5a6abb6

Shining a Light on Industrial Control Networks with Purpose Built Intrusion Detection Systems

September 16, 2014 Added by:Nate Kube

There are differences between industrial control systems and enterprise IT networks resulting in different security needs. To protect industrial networks, system operators must opt for an industrial next gen firewall with an IDS that fully understands industrial protocols and the specific context of each industrial command.

Comments  (0)

306708aaf995cf6a77d3083885b60907

2014 ICS Cyber Security Conference Agenda Update

August 15, 2014 Added by:Mike Lennon

The 14th ICS Cyber Security Conference will have 5 major themes: Actual ICS cyber incidents; ICS cyber security standards; ICS cyber security solutions; ICS cyber security demonstrations; and ICS policy issues.

Comments  (0)

682e0e796084e163c5ca053dd8573b0c

Is BYOD Security Really Concerned with Safety – or Is It About Control?

July 14, 2014 Added by:Eric Byres

As SCADA security professionals we need to pick our security battles carefully. I will be looking deeper into the real goals of any SCADA security policy or technology I am exposed to. Is it really helping make SCADA and ICS safer? Or is it just a way to make control easier? Is it addressing the real risks? Or is it just for show?

Comments  (0)

306708aaf995cf6a77d3083885b60907

DHS Mistakenly Releases 840-pages of Critical Infrastructure Documents

July 09, 2014 Added by:Mike Lennon

The U.S. Department of Homeland Security (DHS) has released hundreds of documents, some of which contain sensitive information and potentially vulnerable critical infrastructure points across the United States, in response to a recent Freedom of Information Act (FOIA) request about a cyber-security attack.

Comments  (0)

201d6e4b7cd0350a1a9ef6e856e28341

2014 ICS Cyber Security Conference – Mark Your Calendar

June 02, 2014 Added by:Joe Weiss

It's official! The 2014 (the 14th) ICS Cyber Security Conference will be held October 20 – 23, 2014 at the Georgia Tech Hotel and Conference Center in Atlanta.

Comments  (0)

Ffc4103a877b409fd8d6da8f854f617e

SecurityWeek Acquires Industrial Control System Cybersecurity Conference Series

April 28, 2014 Added by:InfosecIsland News

SecurityWeek announced that it has acquired the ICS Cybersecurity Conference series, the leading organizer of cybersecurity-focused events for the industrial control systems sector.

Comments  (0)

201d6e4b7cd0350a1a9ef6e856e28341

A Wake-up Call to Ignoring Cyber Threats – PG&E Indicted on Criminal Charges

April 07, 2014 Added by:Joe Weiss

On April 1, a federal grand jury indicted PG&E on 12 counts of knowingly and willfully violating the federal Pipeline Safety Act leading to the San Bruno natural gas pipeline rupture.

Comments  (0)

86d8831c7ce6fcda920aac867a984d98

Improving SCADA System Security (Part 1)

December 21, 2013 Added by:InfoSec Institute

Supervisory control and data acquisition (SCADA) networks are considered by cyber strategists to be the backbone of any country. Critical infrastructure, and in particular control systems, require protection from a variety of cyber threats that could compromise their ordinary operation.

Comments  (0)

682e0e796084e163c5ca053dd8573b0c

DNP3 Vulnerabilities Part 2 of 2 – Why DPI Firewalls Might be Industry’s Only Hope

December 05, 2013 Added by:Eric Byres

DNP3 serial links connect millions of physically insecure pad and pole-mounted devices. Accessing just one of those devices opens the door to a system wide attack. Since there is no way that every one of these devices can be inside the perimeter, the concept of NERC’s ESP is fatally flawed.

Comments  (0)

682e0e796084e163c5ca053dd8573b0c

DNP3 Vulnerabilities Part 1 of 2: NERC’s Electronic Security Perimeter is Swiss Cheese

November 07, 2013 Added by:Eric Byres

If you have been following SCADA news in the last month, you might have noticed an avalanche of reports and blogs on new security vulnerabilities in power industry equipment. So far, vulnerability disclosures for 9 products using the DNP3 protocol have been released by the ICS-CERT, with another 21 SCADA product disclosures on their way.

Comments  (0)

682e0e796084e163c5ca053dd8573b0c

Enough Clucking – Start Fixing the SCADA Security Problem

September 12, 2013 Added by:Eric Byres

I am not a SCADA Apologist. If anything, I consider people like myself and Joel Langill to be SCADA Realists. Clearly Joel and I believe security is important. If we didn’t, we wouldn’t be in this business. And our clients don’t pay us to hear: “Do nothing; it’s the other guy’s fault.”

Comments  (0)

6d117b57d55f63febe392e40a478011f

Securing Critical Infrastructure Through Information Sharing

July 24, 2013 Added by:Anthony M. Freed

In this panel discussion industry experts investigate the possible sources and application of the knowledge needed to secure critical infrastructure

Comments  (0)

A966b1b38ca147f3e9a60890030926c9

Hammer Time

June 10, 2013 Added by:Chris Blask

The Situational Awareness Reference Architecture (SARA) is what the ICS ISAC was created to foster, and to itself be a part of. Until this year, when evolutions in many areas have come together to provide the necessary foundations there has not been any value in trying to drive to a final specific definition of SARA. Today however, evidence that the stage is set for the final act is everywhere.

Comments  (0)

9f7431ea593b8e57401c08f40adc6e34

Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way

May 16, 2013 Added by:Francis Cianfrocca

Despite years of engineering, programming, reverse engineering, product development and a generous amount of FUD-driven marketing, the information security industry (loosely defined as representing the forces of good) lags far behind the innovation and sophistication of modern malware perpetrated by the forces of evil.

Comments  (2)

6d117b57d55f63febe392e40a478011f

The Evolution of Industrial Control System Information Sharing

May 16, 2013 Added by:Anthony M. Freed

The Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, recently issued an advisory warning of an elevated risk of cyber-based attacks against companies that are tasked with administering systems that control elements of our nation’s critical infrastructure.

Comments  (2)

Page « < 1 - 2 - 3 - 4 - 5 > »