Utilities are gearing up for compliance with the new CIP standards. NERC, however, has taken a flexible approach to implementation that leaves some companies confused. Can utilities comply by 2009...
Cyber Attack! - Lessons Learned: Aurora Attack
Test gets major media hype, but SCADA vulnerabilities remain
you don’t get caught up in chasing the individual particulars of this scenario, and allow that to distort your perspective on your overall security posture.”
Gunther adds, “It’s a systems engineering problem that must be solved in the larger context of the application of the overall system. You’ve got to work at it, and a lot of people don’t want to hear that.”
The good news about Aurora, however, is it raised awareness of security issues in general. It demonstrated clearly the importance of reviewing security systems, assessing the risks, understanding them and reacting appropriately. Such efforts represent an ongoing challenge for the industry.
“The minute you say nobody can figure out how to [hack a system], they do,” Traverse says. “Everybody needs to plan for the worst and protect themselves as best they can. We have to get ahead of the curve.”