It would be easy to believe that securing SCADA networks is a matter of simply applying sound corporate IT risk management practice to the industrial domain. Whilst this is mostly true, SCADA networks have specific characteristics that require special attention, and much of what can be achieved does not require specialised equipment or significant expenditure.

Ethernet-connected SCADA systems benefit from passive protection, which ensures that security objectives do not compromise availability. They also require more careful asset management, so that changes in their behaviour that unnecessarily expose them can be detected before any compromise is attempted.
The fact is that while the world has not seen the incidents to match the hype surrounding security risks in industrial networks, the risks are real and eventually those vulnerabilities will be exploited. With SCADA networks, however, mature and stable security controls can also offer business continuity benefits by detecting accidental asset changes as well as malicious activity.
Ensure that SCADA networks are equipped with IDS systems fitted with appropriate signature sets, and consider adopting passive asset profiling technology.
http://www.digitalbond.com/index.php/category/scada-ids/
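
To make the passive asset profiling recommended above concrete, the following added example (not code from this article or from any product it mentions) builds a baseline of each asset's MAC address and answering services, then reports drift. The addresses, ports and function names are constructed for illustration, and the observations are assumed to come from a passive sensor on a tap or SPAN port.

```python
from collections import defaultdict

# Constructed sample data: (server_ip, server_mac, protocol, server_port) tuples,
# as a passive sensor would derive them from replies seen on the wire.
BASELINE_OBS = [
    ("10.10.1.20", "00:11:22:aa:bb:01", "tcp", 502),    # PLC, Modbus/TCP
    ("10.10.1.21", "00:11:22:aa:bb:02", "tcp", 20000),  # RTU, DNP3
    ("10.10.1.5",  "00:11:22:aa:bb:10", "tcp", 443),    # HMI web console
]
CURRENT_OBS = [
    ("10.10.1.20", "00:11:22:aa:bb:01", "tcp", 502),
    ("10.10.1.20", "00:11:22:aa:bb:01", "tcp", 23),     # Telnet now answering on the PLC
    ("10.10.1.21", "00:11:22:cc:dd:02", "tcp", 20000),  # same IP, different hardware
    ("10.10.1.5",  "00:11:22:aa:bb:10", "tcp", 443),
    ("10.10.1.77", "00:11:22:ee:ff:77", "tcp", 80),     # host not in the baseline
]

def build_profile(observations):
    """Collapse observations into {ip: {"macs": set, "services": set}}."""
    profile = defaultdict(lambda: {"macs": set(), "services": set()})
    for ip, mac, proto, port in observations:
        profile[ip]["macs"].add(mac.lower())
        profile[ip]["services"].add((proto, port))
    return dict(profile)

def diff_profiles(baseline, current):
    """Return sorted (kind, ip, detail) findings for drift from the baseline."""
    findings = []
    for ip, cur in current.items():
        base = baseline.get(ip)
        if base is None:
            findings.append(("new_asset", ip, sorted(cur["services"])))
            continue
        new_services = cur["services"] - base["services"]
        if new_services:
            findings.append(("new_service", ip, sorted(new_services)))
        if cur["macs"] != base["macs"]:
            findings.append(("mac_changed", ip, sorted(cur["macs"])))
    for ip in baseline.keys() - current.keys():
        # Baseline asset no longer seen: possible outage or accidental change.
        findings.append(("asset_silent", ip, sorted(baseline[ip]["services"])))
    return sorted(findings)

def check_drift(baseline_obs=BASELINE_OBS, current_obs=CURRENT_OBS):
    return diff_profiles(build_profile(baseline_obs), build_profile(current_obs))

if __name__ == "__main__":
    for kind, ip, detail in check_drift():
        print(f"{kind:12} {ip:12} {detail}")
```

Because the comparison only consumes observed traffic, nothing is sent to the controllers, and the same findings cover both accidental changes and unexpected exposure.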
Evercom can assist with commercial systems for network asset change management, formal tools for policy management in industrial networks, and highly cost-effective Sourcefire intrusion prevention systems that are packaged and priced properly for Australian utilities.