Why can't cyber IT and Operations defenders seamlessly work together like attackers do?

Yesterday while I was at the TransAtlantic Cyber Security Research Workshop in Washington, I had a chance to talk to a representative from Estonia (I will provide more details on the Workshop after I get the URL with the presentations. Paul de Souza has graciously provided his observations at http://paulcsfi.wordpress.com/2011/04/15/transatlantic-cybersecurity-research-workshop-at-the-hungarian-embassy/). In the process of explaining Stuxnet, a very important fact became clear. Stuxnet took extremely talented IT experts to develop the Windows attack vectors including the use of 4 complementary Microsoft zero day vulnerabilities. The PLC experts were able to craft the PLC root kits. Stuxnet was successful because the IT and PLC experts worked together to seamlessly craft Stuxnet. Why can’t IT and Operations cyber defenders learn to work together?
Joe Weiss

Show Comments
Hide Comments

Join the discussion

We welcome your thoughtful comments.
All comments will display your user name.

Want to participate in the discussion?

Register for free

Log in for complete access.


  • <p> Joe; </p> <p> It seems to me that the answer to your question is pretty obvious and can be summed up in two words: "shared purpose". </p> <p> In the example that you cited the attackers clearly came together with a common purpose or shared objective. The same cannot always be said of IT and Operations. Until we can get everyone to understand that there is a common purpose in defense and that it is based on assuring operation excellence in safety, availability and reliability of the process under control we will continue to struggle. </p> <p>   </p>


RSS feed for comments on this page | RSS feed for all comments