Insights from the NISA International SCADA Security Forum conference
(NISA stands for National Information Security Authority, which is a division of the Israeli Security Agency).
We all know that SCADA has been considered a security nightmare for a long time. Admittedly, I only have a short experience with such systems and control systems in general (just short of two years), but the topic is fascinating. The main challenge in securing control systems, from my point of view, is the ability to “connect” with the domain experts and understand the systems and processes properly.
Unfortunately, we as a security community are far from it (at least based on what I have seen in the past couple of days at the conference). The rush to force traditional IT solutions and ways of thinking onto control systems just does not work. This ranges from “learning” firewalls that monitor the industrial control protocols, to systems that are designed to ADD complexity to the threat modeling by layering network and Internet related threats onto SIEM mechanisms and adding the “scada” data to them. These are all solutions that are bound to fail, as they do not understand the actual needs and operational state of mind of control systems engineering.
If we take a new and unbiased look at what kind of data and processes are involved in such systems, we (as in the security community) would be thrilled to learn that there are a lot of untapped intelligence resources that would substantially help us in building more appropriate and relevant detection and alerting mechanisms. Trying to force an IT solution on these would be an exercise in fitting a square peg into a round hole, and as exciting as that may be, we all know what the outcome would be.
To sum things up – just as you would not pretend to know the environment of a financial or a commercial customer when approaching the task of securing it, control systems pose an ever more distinct challenge. Open up, keep the critical thinking and most of all LISTEN. You’ll find out that long before you can start pushing the “cyber” agenda, you have much to work with just with the basic data and processes already at hand, and that there is a lot of value that a security practitioner can bring to such an organization.