I received the following Link-in request and thought it would be of interest as I believe it covers a broad swath of the utility infrastructure.
“We met several years ago, I think back in 2002, when you spoke at a SCADA system users group meeting. I was just becoming acquainted with the world of SCADA having working most of my career in IT. At the time, I did not quite understand why there was such a concern about SCADA systems and their vulnerability to public networks. I had my system designed within a private network and felt that it was secure. Doesn't everyone do the same thing? Well it was not until these past few years that I became exposed to other companies and their network designs and realized the extreme difference between the areas of IT and ICS.
I recently watched a YouTube video of you conducting a lecture at Stanford on the topic of cyber security and how it affects industrial control systems. I understood everything you spoke about, more deeply than your audience, and remembered how passionate you were about those topics back at the OSI user's group. This brief lecture has given me additional inspiration to pursue the area of cyber security and help bridge the gap between the IT and ICS realms. These fields are becoming more associated and require individuals with skills that can effectively work in both.
Thank you for your insight and knowledge in these areas of ICS security. Hopefully, having you as a contact will allow me to follow you more closely and keep up to date on the future progression of this field.”
How can we get more people willing to acknowledge the depth of the ICS cyber security problem?