Thursday, October 28, 2010

Analysis: Cyber defenders, attackers probe Stuxnet's secrets

View the article published this morning by Reuters

ICSJWG Wraps Up in Seattle

The Industrial Control System Joint Working Group (ICSJWG) fall conference hosted by the U.S. Department of Homeland Security's Control System Security Program (CSSP) has just wrapped up in Seattle.  If you were not fortunate enough to attend, you missed out on an incredible opportunity to meet and network with most of the leaders within the cyber security community from leading vendors, academia, research firms, and government entities.  However, you can still view all of the presentations delivered at the conference at the ICSJWG website (http://www.us-cert.gov/control_systems/icsjwg/index.html).  In addition to making all of this year's presentations available for download, you can also view presentations from previous conferences as well.

On Wednesday, I presented a solution on Defense-in-Depth Strategies for Open, Remote Access to Control System Networks.  You can view this presentation by clicking here or visiting the "My Resources" section below.

While visiting this website, be sure to jump over to the section "Standards & References" for one of the most comprehensive repositories of best practices, recommended solutions, guidelines, guidance documents, and technical reports.

Wednesday, October 27, 2010

Welcome to SCADAhacker

I would like to welcome you all to the launch of the SCADAhacker blog.  I have been very active helping to educate users and integrators on cyber security for industrial automation and control systems over the past few years, and feel that it is time to begin to consolidate my personal collection of information.  I also would like to share my thoughts and views relating to industrial security from a unique perspective.  If you want to secure your systems, you need to stop thinking like an engineering and begin to "Think like a hacker!".  I hope you find this site both informative and relevant.