Stuxnet and security dos and don'ts revisited

Download Now

Overview:

In all of the panic and anxiety caused by Stuxnet, there's been lots of highly technical discussions of how the latest technology (e.g., application whitelisting, data diodes, etc.) might have been able to contain it. But all of this focus on what could have been done potentially distracts us from what is really at issue. There is no silver bullet. No matter what system you buy or what program you put in place, there is always going to be a way around or a possible/plausible threat. Your product may block what we see today, but what is on the horizon? What gets lost in all of this distraction is the importance of security fundamentals and of having proper expectations of your security program: provide a program or tools that minimize your exposure and maximize your ability to contain and recover from an event when it happens — and it will.

There's More to This Story

Get more. You can read the rest of this story and other exclusive content as a Plant Services member. It's FREE, and it’s easy. We just need your name and email address. Then you can read everything you want on our site and even comment on it.

Show Comments
Hide Comments

Join the discussion

We welcome your thoughtful comments.
All comments will display your user name.

Want to participate in the discussion?

Register for free

Log in for complete access.

Comments

No one has commented on this page yet.

RSS feed for comments on this page | RSS feed for all comments