Posted by Joe Weiss:
The industry uses the general term "threat information," but during more detailed discussions, it seems that the information companies seek is more like the traditional military concept of "tactical information."
Users get the security they're willing to pay for...and not any more. #pauto #cybersecurity #opsmanage #NERC
A lot of this will be in my December Editorial:
OK, faced with the Siemens vulnerability, which could have been anybody else's vulnerability just as easily, what should we do?
Auke Huistra,Project manager Cybercrime Information Exchange NICC, posted this on the SCADASEC mailing list:
The following was posted, among other places, on the SCADASEC listserv. Eyal Udassin, a well-known and well respected security researcher with significant experience with control system functional security has discovered a vulnerability in some of Rockwell's products, and he and Rockwell have moved quickly to fix the vulnerability.
The December issue of IEEE Spectrum had a small lead about the following Open Source attempt to hack the GSM phone system. The full article can be found at http://spectrum.ieee.org/telecom/wireless/open-source-effort-to-hack-gsm/0.
We've mentioned this before, but here's something you really ought to put on your calendar.
Walt Boyes interviewed Bjorn Gudehus of Bell Canada, who is both a security analyst and an automation professional, and who has a distinctive voice and opinion on this important question.