TLDR; is a book review series revolving around industrial control systems. SCADA Security: What's broken and how to fix it, by Andrew Ginter, is a primer on securing such systems.
The text reviews the differences between IT (information technology, aka your business's accounting and email system) and OT (operational technology, aka your plant's automation) viewpoints on security. This would be an excellent read for someone coming in from an IT background, or a plant manager trying to engage in meaningful discussions with their systems integrators.
The most interesting sections include meaningful comparisons of different threat actors, their techniques and how likely they are to break in. The hacktivist, for instance, is a skilled amateur who is likely to attack in X and Y vectors. A well-designed SCADA system has reasonable deterrence built in to mitigate threats from such adversaries. However, nation states / militaries with (effectively) infinite time and money cannot be defended against. Slowed down, certainly, but realistically they cannot be defended against.
The methods of threat actors' attacks are interesting, but so are the responses. Traditional IT security systems wipe systems and restore from backups. "The essential problem with applying IT security principles to SCADA systems is this: there is no way to restore lost production, damaged turbines or human lives 'from backups.'"
The book is not just eminently quotable but has excellent citations. Most are technical, but there are also classics, including Dune's "What do such machines really do? They increase the number of things we can do without thinking. Things we do without thinking- there's the real danger."
If you are looking for a quick read discussing the highlights of securing industrial control systems, this would probably be a good fit!