Joe's been busy-- on panels and testifying before Congress

March 20, 2009

Our intrepid blogger has been a busy man. This week, he taught a course in security for IEEE in Seattle, was on a panel in Monterey, and testified before the Senate Commerce, Science and Transportation Committee. We'll hear more from Joe about this when he comes up for air, but for now, I thought I'd post something about it.

In an article from Federal Computer Week, by Ben Bain, the reporter described the hearing.

Our intrepid blogger has been a busy man. This week, he taught a course in security for IEEE in Seattle, was on a panel in Monterey, and testified before the Senate Commerce, Science and Transportation Committee. We'll hear more from Joe about this when he comes up for air, but for now, I thought I'd post something about it.

In an article from Federal Computer Week, by Ben Bain, the reporter described the hearing.

Cyber vulnerabilities could threaten research and development efforts, and action is needed to stop the commercial losses caused by cyber attacks, cybersecurity experts told a Senate committee today.

The group of experts testifying before the Senate Commerce, Science and Transportation Committee urged more education, research, private-sector involvement and regulations to close cyber vulnerabilities. Panelists also discussed the need to improve the cybersecurity of the systems used to control the delivery of electricity, water, gas and oil.

The government is working on a new Smart Grid that would use computer technologies to make the country's energy infrastructure more efficient.

But the government’s plans for increased technology research and a smart electric grid could be compromised if cybersecurity is not improved, said James Lewis, director of the Center for Strategic and International Studies’ Technology and Public Policy Program.

“Unfortunately, if the new smart meters are not secure, they can be hacked, taken over by attackers and used to disrupt the delivery of electricity,” Lewis said. “If the smart grid is built to existing standards, however, it will not be secure.”

Lewis said that although cybersecurity is often considered a homeland security and military problem, the primary vulnerability is economic, and he emphasized the Commerce Department's role in improving cybersecurity.

“The real risk lies in the long-term damage to our economic competitiveness and our technological leadership,” he said.

Joseph Weiss, a managing partner at Applied Control Solutions and an expert in cybersecurity for systems used to control infrastructure, said action is needed to protect critical assets controlled by computers.

Weiss said current efforts to secure computerized control systems are at the point mainstream information technology security efforts reached 15 years ago. Control systems are similar to standard IT systems, but specific strategies are needed to secure them, he added.

“While sharing basic constructs with IT systems, control systems are technologically, administratively and functionally different than IT systems,” Weiss said. “And this will have a significant impact on the Smart Grid.” 

And the entire hearing is on video, and you can watch it here. We'll try to excerpt Joe's testimony and have it streaming on our site next week.

Sponsored Recommendations

IEC 62443 4-1 Cyber Certification – Why ML 3 is So Important

The IEC 62443 Security for Industrial Automation and Control Systems - Part 4-1: Secure Product Development Lifecycle Requirements help increase resilience for control systems...

Multi-Server SCADA Maintenance Made Easy

See how the intuitive VTScada Services Page ensures your multi-server SCADA application remains operational and resilient, even when performing regular server maintenance.

Your Industrial Historical Database Should be Designed for SCADA

VTScada's Chief Software Architect discusses how VTScada's purpose-built SCADA historian has created a paradigm shift in industry expectations for industrial redundancy and performance...

Linux and SCADA – What You May Not Have Considered

There’s a lot to keep in mind when considering the Linux® Operating System for critical SCADA systems. See how the Linux security model compares to Windows® and Mac OS®.