George Gary Mintchell of Automation World/Feed Forward Blog and I have had a difference of opinion on the Automation Press in a few areas including the kid gloves treatment of Siemens regarding Stuxnet. He has a blog on this titled “Cybersecurity Responsibility“, where he goes back to the “defense in depth” and “due diligence” mantras.
In his blog he does characterize my criticism of Siemens incorrectly. I don’t blame Siemens for having a vulnerability that was exploited. I criticize Siemens for not providing their customers with information on how to determine if their process is at risk and not having or announcing any intention to fix the underlying problem in their PLC.
My comment submitted to Feed Forward is below: [Read more…]