Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems


Posted on by Ben Rothke

The Stuxnet computer worm of mid-2010 was a huge wake-up call for the energy industry. It also catapulted SCADA from an obscure term to the forefront of industrial security. But nearly two years later, it is unclear if the energy sector is adequately prepared for sophisticated information security threats.

For those looking to get a handle on how to effectively secure critical infrastructure networks, Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems is an excellent reference.

In the book's forward, Dr. Anton Chuvakin writes that "one of the most mysterious areas of information security is industrial system security." The reality is that industrial system security can be effectively secured, and the book shows the reader exactly how to do that. In 11 densely written chapters, the book covers all of the necessary areas in which to secure critical infrastructure systems.

The first three chapters provide an introduction to industrial security, SCADA, and control systems. Chapter four then goes into detail about industrial network protocols. The obscurity of these protocols was thought to be a boon to SCADA systems in the past in that attackers were oblivious to their inner workings. In today's world, however, those who intend to attack can learn how to do it.

The book concludes with a chapter on common pitfalls and mistakes. This is a particularly valuable chapter because many companies look for quick and easy approaches to information security but do not provide adequate staff, budget, or time to get the job done. Firms that make those mistakes are likely to be victims of a security breach.

For those looking for a solid overview of the topic, Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems is an excellent reference.


Contributors
Ben Rothke

Senior Information Security Manager, Tapad

critical infrastructure anti-malware

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.


Share With Your Community

Related Blogs