SANS Institute presents Invensys with process control security award

May 3, 2006
Group recognizes Invensys practices for facilitating user security procedures and protecting process infrastructure owners’ critical assets.
AT ITS RECENT Security Summit, the SANS Institute presented Invensys Process Systems the 2006 Process Control Security Leadership Award. The award recognizes organizations that are difference-makers in cyber security for critical enterprise infrastructures.

The SANS citation declared that Invensys has demonstrated that vendors can take much of the pain, cost, and uncertainty out of securing process and SCADA systems. The award identified some Invensys practices, including rigorous pre-testing of operating system updates and software security patches, and additional enhancements such as providing anti-virus within its core distributed control system (DCS) product, that make security better, easier and less expensive for asset owners. These factors, according to SANS, can make the difference between asset owners “betting their system reliability” on security issues, and being able to operate with confidence that security measures have been built in to their control systems.

According to Ernest Rakaczky, program director of process control network security at Invensys Process Systems, vendors need to work closely with enterprise and process asset owners to secure the infrastructure. “We as vendors are controlling major plants,” he said. “That becomes a lifetime arrangement. This means that our security procedures and practices are intertwined with the business operations of our customers.”