What's It Going to Take Before We Start Getting Real about Industrial Control Security Issues
Walt Boyes posted a link to a story about a cyber incident in the Netherlands that came via Eric Byres of the Byres Security division of Hirschmann/Belden. (Cyber Security Nightmare in the Netherlands). The story generated the following response.
[Boyes asked] "What's it going to take before we start getting real about industrial control security issues?" I believe the answer is simple. It's going to take regulation or a major incident. However if we see a major incident, it will almost definitely trigger regulation. So the question is should we do the required regulation right away or wait until it is forced by an incident, and put together [something] in the heat of finger-pointing and CYA.