Control Systems Cybersecurity Expert, Joseph M. Weiss, is an international authority on cybersecurity, control systems and system security. Weiss weighs in on cybersecurity, science and technology, security emerging threats and more.
I organized the first two control system cyber security panels at ISA Expo 2001 in Houston on 9/10. At that time, control system cyber security was a reliability and economic issue and did not become a national security issue until the next day – 9/11.
I had some recent experiences with very knowledgeable people that demonstrate how little we really communicate with each other. Yesterday I had a discussion with an IT security vendor who has a security solution for endpoint devices.
After hearing Ross Anderson's contribution to S4, Éireann Leverett used the SCADASEC listserve to ask if you think we need more economic research to be done with in the SCADA Security community, particularly on the cost of incidents. He additionally asks if we get some good data on the cost...
There is an on-going thread concerning system complexity and security trends on the SCADA perspective listserver. In order to maintain the very high reliability required of control systems, they are built on the KISS principle - "Keep It Simple Stupid." System complexity goes against the KISS principle.
Last week, I attended the ISA 100 Wireless meeting in Mt. View including the Trusted Wireless Interest Group (TWIG) meeting. There were several very good presentations on different aspects of security. However, none were specific to wireless.
The following note was placed on the Link-in PCSF members' site by Perry Pederson: "What's up with the Comprehensive National Cybersecurity Initiative (CNCI)? I attended a vendors day conference at DHS-NCSD yesterday where they briefed industry on the role that NCSD will have in the execution of the CNCI.
Many IT and control system vendors are claiming to offer NERC CIP-compliant products. That makes for great marketing hype. However, the NERC CIPs are written for end-users to validate their comprehensive security program, not for vendors.
Yesterday, Peter Welander of Control Engineering provided the following editorial - Cyber Security Issues Take Center Stage in 2009. I completely agree with Peter’s thoughts that cyber security will become a big issue in 2009. However, I wanted to correct the impression being left by one statement: “First and foremost,...