We were the first, after the Associated Press, to disclose the Stuxnet virus, and we have consistently been in the forefront of cybersecurity information for five or six years now, publishing articles by Joe Weiss, of ACS; Ralph Langner, who took the virus apart and did the first major published study of it; Eric Byres and John Cusimano from the Repository of Industrial Security Incidents (RISI); Eric Cosman, co-chair of the ISA99 Cybersecurity Standard committee; and most recently, Morteza Rezaei, an Iranian automation engineer, on what people in Iran know about Stuxnet.
We have talked about the gap between IT and plant level security for many years, and we've developed a large body of work at ControlGlobal.com.
We know that plant-level security is different and more complex than standard enterprise security. You know that, but your IT people may not.
So give this page to your IT folks, and tell them we have resources for them. Boy, do we have resources!
Our October cover story every year, and sometimes the entire issue, is devoted to plant IT security issues. There is a ton of learning for your IT folks if they just read the last five October issues, available in either Flash or PDF format at ControlGlobal.com.
Here are some other resources for them:
- "Security in Your Safety DNA: If Your Functional Safety and Cybersecurity Programs Aren't Intertwined, You May Not Be as Safe as You Think."
- "Back to Basics: Cybersecurity:" Watch this video and learn how to defend your security control systems from cybersecurity attacks.
- "Cybersecurity Through Real-Time Distributed Control Systems:" This whitepaper from Oak Ridge National Laboratory discusses some critical infrastructure sites and facilities.
- "New Cybersecurity Standard for Process Control Industries:" Information on Version 2 of the "Process Control Domain—Security Requirements for Vendors."