Control Systems Cybersecurity Expert, Joseph M. Weiss, is an international authority on cybersecurity, control systems and system security. Weiss weighs in on cybersecurity, science and technology, security emerging threats and more.
It appears to be a big few days for Wurldtech. Yesterday, HIMA declared itself the 13th vendor to standardize on the Achilles platform for security testing during and throughout the product development lifecycle. Today it is Invensys.
Wurldtech appears to be building up a significant head of steam as the unofficial standard for cyber security testing of control and automation systems and industrial networks. Here's the latest-- a press release, not from Wurldtech, but from HIMA Paul Hildebrandt, Wurldtech's customer:
If all one had to draw from was the flood of conferences, webinars, and advertisements, it would appear that the Smart Grid is a very recent invention that will be installed en-masse in the near future. In reality, elements of the Smart Grid first appeared in the 1998-2000 time-frame.
The Smart Grid Roadmap, Report to NIST on the Smart Grid Interoperability Standards Roadmap has some very curious conclusions and descriptions. They involve DNP3, NERC CIPs, NIST SP800-53 and NIST SP 800-82. These descriptions and recommendations (or lack therof) can have long term, expensive ramifications.
Early this week, Wes McGrew a PhD student at Mississippi State (I gave a lecture there last October) helped contribute to the arrest of a hacker who compromised the HVAC system at a Dallas area hospital. Wes has a great story to tell. You can find it at:http://www.mcgrewsecurity.com/2009/07/02/ghostexodus-part2/ Joe Weiss
In the June 22nd issue of InformationWeek, the cover story is cyber security – What’s Your Appetite for Risk?. The focus was on intentional cyber attacks against the IT infrastructure. I wanted to focus on two charts. The first is What are the Primary Goals of Your Risk Management Initiative?.