ICS Security News

DHS’s ICSJWG is next week in Rockville, MD??? I guess it is still happening, but there isn’t a published agenda for the Nov 6-7 event on the ICSJWG web site area. Click on the announcement picture and you go 404. Plus there is the added bonus of no food at the event “Because meetings are no longer co-located with a hotel, members will need provide for their local accommodations and arrange for travel and meals.” How important is that public/private partnership?

Congratulations to Adam Crain and Automatak for getting a DHS Homeland Open Source Technology (HOST) grant to add secure authentication to their opens source DNP3 protocol stack. Also kudos to Doug Maughan and DHS S&T for continuing to fund very practical ICS security research.

Control Engineering has a 13-part video training series on cyber security taught by Matthew Luallen of Cybati. It is free after registering for the site.

Thales has opened a critical infrastructure cyber security lab in the UK. More evidence that the big boys see a growing opportunity in this space.

Finally the latest in the Battelle/INL v. Southfork Security case. An interim win for Southfork as the temporary restraining order is lifted and a Battelle requested preliminary injunction is denied. The rest of the news is ominous for Southfork Security as the court wrote “Battelle is likely to succeed on its contract claims, including its third claim for breach of contract and its seventh claim for breach of the implied covenant of good faith and fair dealing.” Also, the court seems to be taking the national security claim seriously, which is embarrassing.

… and I still owe the promised Insecure By Design / Secure By Design explanation. Next week.

Tweet(s) of the Week

Devote 20% of your cycles to pay down technical debt. Via @joshcorman #rsac

— Dwayne Melancon (@ThatDwayne) October 30, 2013


And you all thought we were the bad guys. hahahaha! RE: NSA

— Unit_61399 (@Unit_61399) October 30, 2013

Worth Reading Articles

Critical Intelligence’s ICS Security Event Calendar Updates

Nothing this week.

Critical Intelligence provides reports and other information products on  Cyber Situational Awareness and Threat Intelligence services for Industrial Control System Owner/Operators, Vendors and Government stakeholders.

Image by chrisinplymouth