Much of what’s here I advocated in my previous professional life:

A SCADA environment (Supervisory Control and Data Acquisition) is unlike a conventional IT network in that it provides interconnectedness between industrial systems such as robots, valves, thermal or chemical sensors, command and control systems and HMI (Human Machine Interface) systems, rather than desktops. These environments monitor, manage and administer critical infrastructures in various fields such as transport, nuclear, electricity, gas, water, etc.

Historically, these SCADA control systems have used a dedicated set of communication protocols but as technology and industrial architectures have evolved, these same industrial systems are all interconnected via a conventional IP network. The problem of course is not the use of the conventional IP but rather potentially vulnerable environments such as an unpatched Windows operating system on an HMI platform. Reducing down time is sometimes justification enough to postpone patching on these systems, making SCADA environments potential targets for cybercriminals.

via Fortinet Blog | News and Threat Research Security 101: Securing SCADA Environments.

Read on for their recommendations.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Learn More)