ICS Security

Apologies for being late with the Friday News & Notes this week. I spent the end of last week getting some inspiration from people that achieve amazing things through passion and incredibly high standards in unrelated fields.

Heise, a major German publisher, introduced the German market to the Internet connected ICS. Nothing new here, but some good screen shots of what they found.

ICS-CERT strangely published 30+ mitigations for Shamoon. Why now? And what to these mitigations have to do with Shamoon? They are basic SCADASEC and INFOSEC 101. Backup, incident response, anti-virus, segment, … To be charitable this is a worthwhile message to put out over and over again, but if they wanted to take advantage of the Shamoon buzz to get this info out they are quite late. If they wanted to make a more compelling document, they could have tied the recommended controls into the attack and demonstrated how they would have helped prevent, detect or respond to Shamoon. ICS-CERT continues to be weak.

Rand Beers has been named the Acting Deputy Secretary of DHS. This may help ICSsec get a bit more attention since Mr. Beers was the Under Secretary for the National Protection and Programs Directorate (NPPD).

Patrick Coyle reports on a scheduled public meeting of the US Information Security and Privacy Advisory Board. The meeting will address issues related to President Obama’s Cybersecurity Executive Order.

Tweet of the Week

[blackbirdpie id=”329974483203002370″]

Don’t forget to subscribe to this blog RSS feed and follow @digitalbond.com on twitter.

Worth Reading Articles

Critical Intelligence’s ICS Security Event Calendar Updates

Critical Intelligence provides reports and other information products on  Cyber Situational Awareness and Threat Intelligence services for Industrial Control System Owner/Operators, Vendors and Government stakeholders.

Image by duncan