1. Home

Cybersecurity Responsibility White Paper

March 8, 2013
I was recently informed about a new White Paper by respected cybersecurity authorities Ralph Langner and Perry Pederson of the Brookings Institution called "Bound to Fail: Why Cybersecurity Risk Cannot Be Simply 'Managed' Away" that is now available for free after registration from ControlGlobal at  www.controlglobal.com/whitepapers/2013/130304-langner-pederson-cybersecurity-fail.html

I was recently informed about a new White Paper by respected cybersecurity authorities Ralph Langner and Perry Pederson of the Brookings Institution called "Bound to Fail: Why Cybersecurity Risk Cannot Be Simply 'Managed' Away" that is now available for free after registration from ControlGlobal at  www.controlglobal.com/whitepapers/2013/130304-langner-pederson-cybersecurity-fail.html

This well thought out and timely paper with several references suggests that using Risk Management as the approach to cybersecurity is not necessarily the best approach to addressing this issue. Neither is the recent approach in President Obama’s Executive Order stating “The cyber threat to critical infrastructure continues to grow and represents one of the most serious national security challenges we must confront….” They are effectively abdicating because of tough fiscal times. So rather than do something as simple as pass a set of minimum requirements, we the government will let you do this yourself.

Langner & Pederson suggest that using the Risk Management approach is not enough because it is a business decision tool first and foremost, and depending on the skills of the facilitator frequently only finds the direct risk rather than the ultimate risk that could result. As an example, loss of an HMI screen or station is considered low risk because we have redundant system, however if this same is compromised to appear to be okay and your process runs amok then what? Risk Assessments evaluate the current situation but as we know cyber risks continue to evolve.

Who is responsible for your security? As the expression goes, “look in the mirror.” If you are an End User push on your suppliers to demonstrate they are addressing the cybersecurity National SCADATestbed (NSTb) elicited a bulk of design vulnerabilities in control system products in the products you are purchasing and if you are a Manufacturer, consider this as a investment in a competitive differentiator.

Remember, it is not a question of if you will experience a cyber incident but more a question of when? Will you be ready?

Watch for a feature on this White Paper in the April issue of Control or if you can’t wait download and read it now yourself.

Continue Reading

Sponsored Recommendations

Make Effortless HMI and PLC Modifications from Anywhere

The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...

The Benefits of Using American-Made Automation Products

Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...

50 Years of Automation Innovation and What to Expect Next

Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...

Manufacturing Marvels Highlights Why EZAutomation Is a Force to Be Reckoned With

Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...

Latest from Home

Concept of all sides of cybersecurity
A new 2022 Ford Maverick vehicle is displayed at the 2021 LA Auto Show media day in Los Angeles, November, 18, 2021
Business planning and strategy concept

Most Read

Sponsored