Can We Learn from Industrial Control Systems/SCADA Security Incidents?
The EU's cybersecurity Agency ENISA released this white paper, giving recommendations regarding prevention and preparedness for an agile and integrated response to cybersecurity attacks and incidents against industrial control systems (ICS)/SCADA.
Security experts across the world continue to sound the alarm bells about the security of industrial control systems (ICS). Industrial control systems look more and more like consumer PCs. They are used everywhere and involve a considerable amount of software, often outdated and unpatched. Recent security incidents in the context of SCADA and Industrial Control Systems emphasise greatly the importance of good governance and control of SCADA infrastructures. In particular the ability to respond to critical incidents and be able to analyse and learn from what happened is crucial.
Increasing numbers of recent security incidents against industrial control systems/SCADA raise questions about the ability of many organisations to respond to critical incidents, as well as about their analytical capabilities. A proactive learning environment through ex-post analysis incidents is therefore key.
The goal of an ex-post incident analysis is to obtain in-depth-knowledge regarding the incident. This gives you the ability to:
- Rely on robust evidence in order to respond to the changing nature of domestic and alien threats;
- Ensure that enough learning takes place in order to deploy resilient systems.
In this white paper, we identified four key points for a proactive learning environment which will in turn ensure a fast response to cyber incidents and their ex-post analysis.
Author: ENISA | File Type: PDF