When most of today’s best practices were documented, 4-5 years ago, security measures such as firewalls, VPN’s, antimalware, security updates, others, were seen by most practitioners as adequate protection from the then-pervasive, modern threats of the day: professionally produced viruses, worms and botnets. In the last half decade though, this assessment has been challenged. Traditional best-practice security technologies are all software-based. All software has defects, and some defects are security vulnerabilities. In practice then, all software and all software security technologies have discovered and undiscovered vulnerabilities. Today’s pervasive, modern threats routinely defeat software security technologies.Expendable ICS Networks Whitepaper
In the last half decade, hardware-enforced security measures in the form of Unidirectional Security Gateways have come into widespread use, and are becoming part of best-practice guidance. With this industrial cyber security alternative now recognized as a best-practice, ICS/SCADA security practitioners are increasingly asking “If software-based security measures fail to protect even IT networks from compromise, why would we use them to protect our ICS networks? Which of our ICS networks are expendable?”
When most of today’s best practices were documented, 4-5 years ago, security measures such as firewalls, VPN’s, antimalware, security updates, others, were seen by most practitioners as adequate protection from the then-pervasive, modern threats of the day: professionally produced viruses, worms and botnets. In the last half decade though, this assessment has been challenged. Traditional best-practice security technologies are all software-based. All software has defects, and some defects are security vulnerabilities. In practice then, all software and all software security technologies have discovered and undiscovered vulnerabilities. Today’s pervasive, modern threats routinely defeat software security technologies.Expendable ICS Networks Whitepaper
In the last half decade, hardware-enforced security measures in the form of Unidirectional Security Gateways have come into widespread use, and are becoming part of best-practice guidance. With this industrial cyber security alternative now recognized as a best-practice, ICS/SCADA security practitioners are increasingly asking “If software-based security measures fail to protect even IT networks from compromise, why would we use them to protect our ICS networks? Which of our ICS networks are expendable?”
Andrew Ginter is the VP Industrial Security at Waterfall Security Solutions
At Waterfall, Andrew leads a team of experts who work with the world’s most secure industrial sites. He is author of two books on industrial security, a co-author of the Industrial Internet Consortium’s Security Framework, and the co-host of the Industrial Security Podcast. Andrew spent 35 years designing SCADA system products for Hewlett Packard, IT/OT connectivity products for Agilent Technologies, and OT/ICS security products for Industrial Defender and Waterfall Security Solutions.
English
Français
Español
עברית
Deutsch
日本語
한국어
中文
اَلْعَرَبِيَّةُ
