[ISN] Industry association aims to bolster SCADA security

From: InfoSec News <alerts_at_private>
Date: Mon, 14 Mar 2011 00:07:08 -0600 (CST)
http://www.csoonline.com/article/676095/industry-association-aims-to-bolster-scada-security

By George V. Hulme
CSO
March 11, 2011

It's no state secret that industrial and automation control systems have 
a way to go before they're resilient from targeted and sophisticated 
malware attacks. Just last week the International Society of Automation 
(ISA) announced that the ISA99 standards committee on Industrial 
Automation and Control Systems Security had formed a task group to 
conduct a gap analysis of the current ANSI (American National Standards 
Institute) ISA99 standards and modern threats against critical 
industrial systems, such as Stuxnet

The ISA 99 standard provides guidance to control system operators on 
security technologies and how well they work (or don't) at mitigating 
the risks associated with certain threats and vulnerabilities. The 
intent of this gap analysis is to determine if organizations that are 
following ISA 99 would have been able to fend off a Stuxnet-like attack 
and to identity any improvements the standard may need. A technical 
report is expected by mid-year 2011.

The ISA 99 standard is a foundation of Supervisory Control and Data 
Acquisition System (SCADA) security. "Over the next few years, these 
standards will become core international standards for protecting 
critical industrial infrastructures that directly impact human safety, 
health, and the environment; and, likely will be extended to other areas 
of application, even broader than those generically labeled SCADA. Based 
on this, it is essential that industrial companies following IEC 62443 
standards know they will be able to stop the next Stuxnet," the ISA 
wrote in its statement announcing the security task force.

The news of the ISA 99 gap analysis came the same day as the Security 
Incidents Organization released its 2011 report, Report on Cyber 
Security Incidents and Trends Affecting Industrial Control Systems 
Resulting from Malware Infections.

[...]

 
___________________________________________________________      
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
Received on Sun Mar 13 2011 - 23:07:08 PDT

This archive was generated by hypermail 2.2.0 : Sun Mar 13 2011 - 23:16:09 PDT