Our indefatigable blogger and functional security expert, Joe Weiss, was asked to provide written testimony for the record for the House Homeland Security Committee on Emerging Threats, Cybersecurity, Science and Technology hearings on the cyber security of the electric grid for today's hearing.
It appears to be a big few days for Wurldtech. Yesterday, HIMA declared itself the 13th vendor to standardize on the Achilles platform for security testing during and throughout the product development lifecycle. Today it is Invensys.
Wurldtech appears to be building up a significant head of steam as the unofficial standard for cyber security testing of control and automation systems and industrial networks. Here's the latest-- a press release, not from Wurldtech, but from HIMA Paul Hildebrandt, Wurldtech's customer:
In a report published June 12th, Register.com's Dan Goodin reports, "The newfangled meters needed to make the smart grid work are built on buggy software that's easily hacked, said Mike Davis, a senior security consultant for IOActive.
The combining and recombining in the functional security world is beginning to look like a test tube full of recombinant DNA as companies jockey for the ability to offer a completely integrated security solution. Here's Wurldtech and Matrikon's latest effort:
[img_assist|nid=2886|title=US Power Plants|desc=|link=none|align=right|width=480|height=310]It makes you wonder, doesn't it, how the electric utilities can have so few critical assets. I would think that most of those big splotches of red in the Southeastern United States where there are so many power plants that the resolution of the map can't show...