Cybersecurity summit pays little attention to control system's security
Leading security experts and government officials met last week in Dallas at the EastWest Institute’s first annual Cyber Security summit. Unfortunately, little attention was paid to control system security despite the threat of increasing infrastructure attacks.
Homeland Security Newswire, May 13, 2010
"Despite threats of infrastructure attacks, scant attention was paid to control systems during a global security conference; the problem is safeguarding infrastructure's control systems against attackers is that such protection requires a different approach to securing PCs or networks; Windows-based security products will not help; says one expert: "All the devices that sense things -- temperature, pressure, flow, and things like that -- are not Windows, those are proprietary, real-time or embedded, and there's no security there"
The goal of the conference was to find common solutions to cybercrime and other online attacks, which respect no national boundaries. InformationWeek’s Mathew Schwartz writes that the first step, then, was to introduce policymakers and experts from around the world, to begin creating the relationships and transparency needed to make this happen. “How can you do partnerships with private industry, how can you do it with other governments when everything’s behind a veil of secrecy?” said White House Cybersecurity coordinator Howard Schmidt.
The next step, Schwartz notes, will be more challenging. “Breakthrough solutions will require the effective integration of technical, business, legal, defense and international policy competencies on a level that has not happened so far,” wrote attendee Ikram Sehgal, a defense and political analyst and EastWest board member, in the News, a Pakistani newspaper. “Nations are thinking too parochially about their online security to collaborate on crafting global cyber regulations.”
Top of the cybersecurity agenda for many governments: how to prevent “nightmare” infrastructure attacks against “electricity, power grids, transportation, airplanes, water supply, finance, the banking system [and] the health system,” said Patrick Pailloux, director general of the French Network and Information Security Agency. His biggest nightmare? “That we don’t have enough time to prepare us for the nightmares.”