Main Menu
Home / Project Management / Risk Management / The Stuxnet Effect on Cyber Security

The Stuxnet Effect on Cyber Security

Once Stuxnet tore its way through Iranian industrial sites back in 2010, it got the world rethinking how secure their systems were. It becomes hard to trust current technology once you have seen firsthand how easy it is to exploit. An article at Automation World discusses what is changing in cyber security in the wake of Stuxnet.

Board Up the (Microsoft) Windows

Security risk is starting to be treated like supply chain risks and other portfolio risks; it is worth the attention of the executive suite. More money is being allocated to security, and in general, there is a much higher level of awareness than there was previously. One example of better security at work is seen in Siemens, who uses a processor that provides “point-to-point authentication in the protocol.” The Department of Homeland Security (DHS) has also gotten in on the act, providing many earnest resources for businesses to better protect themselves.

Brian Ahern, CEO of Industrial Defender, says that once a great perimeter defense has been constructed, we still need to remember to insert additional defenses inside the perimeter. He calls for host and network intrusion detection. Indeed, the degree to which we do not know our own systems can be at once funny and frightening. DHS found that there are on average 11 separate connections from a control system to the business network. Eric Byres of Byre Security says in one case he discovered 17 unknown connections from a system for an organization. It ultimately boils down to this:

The reality that manufacturers have to adapt to is that you can’t stop infections from happening, Byres says. “You can’t keep every virus or hacker out of your plant floor any more than you can keep a virus out of the human body. You have to build a system that can deal with viruses like the human body does. It has to be able to spot something nasty when it comes in and deploy the programs to deal with it. Your strategy has to be about how to contain and deal with security problems, not block them out entirely … because that can’t really be done.”

You can read the whole article here:

About John Friscia

John Friscia is the Editor of Computer Aid's Accelerating IT Success. He began working for Computer Aid, Inc. in 2013 and continues to provide graphic design support for AITS. He graduated summa cum laude from Shippensburg University with a B.A. in English.

Check Also

How to Plan Your Risk Management from End to End

Project risk management continues to hold the championship belt for the most important-yet-ignored aspect of …

Leave a Reply

Your email address will not be published. Required fields are marked *

Sorry, but this content
is for our subscribers only!

But subscribing to ACCELERATING IT SUCCESS is FREE and only one click away!
Join more than 40,000 IT Professionals and get the best IT management articles to your mailbox with Accelerating IT Success!

Unsubscribe at any time