Digital Bond

For Secure & Robust ICS

  • Home
  • Consulting
  • S4x19
  • Dale Peterson
  • Hire Dale To Speak
  • Contact Us

2013 – Resolution – Now

January 2, 2013 by Dale Peterson 1 Comment

Secure By DesignHappy New Year to all loyal readers. We hope you had a chance to rest up and enjoy time with friends and family over the holidays.

My resolution for 2013 is simple: By the end of the year there will be a consensus that insecure by design PLCs and other field devices need to be replaced or upgraded in the next 1 to 3 years.

Here’s how we will measure success:

  • The US Government and at least two other governments will publicly state this as a policy position.
  • The majority of “ICS security gurus” will take this position.
  • PLC vendors representing 75% of the critical infrastructure market share will announce a new product with source and data authentication for sensitive functions and other basic security features.
  • 75% of ICS protocols used in the critical infrastructure will at least begin an effort to integrate authentication into the protocol.
  • At least two major industry groups will take a public position that source and data authentication should be deployed for sensitive functions as a fundamental or basic security practice.

This is not a passive prediction that this will happen. This is what the majority of my pro bono time will be focused on this year, and I’d welcome all support to make this resolution come true.

On a related now – the theme of the S4x13 conference is NOW! The attendees that will be at this event in two weeks easily have the capability of making this and other important changes happen.

Skeptics will say that change has not happened for over a decade now, and the mindset hasn’t changed at all. One could make a compelling, data point filled argument for that position. However, things never change until they do, and it often happens at a surprisingly fast rate after a long time of intransigence.

You will see a few other changes starting this year. First, we are launching the Japanese version of this site next Monday. Initially it will feature a weekly entry similar to an expanded Friday News & Notes on Mondays in Japanese, and we will see where it goes from there. Second, we will be looking to move our research into areas where it will be better supported. We already have a solution for SCADA IDS that will be announced soon, and we are working on something similar for Bandolier and the SCADA Honeynet.

It should be an interesting year, and we look forward to covering it. My goal is for 200 blog entries this year, and I’d really like at least a 1/3 of them to be success stories so send me some good news.

Image by tEdits

Filed Under: Digital Bond, PLC Security Tagged With: Insecure By Design

Comments

  1. Ralph Langner says

    January 2, 2013 at 16:11

    Dale,

    thank you for another year of great blogging.

    I share your optimism for 2013.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Subscribe to the S4 Events YouTube Channel

S4x19 Is Open For Registration

Jan 14 – 17 in Miami Beach

Follow S4 Events on Facebook

Tools & Talks

DNS Squatting and You

DNS Squatting and You

February 24, 2016 By Reid W 3 Comments

Basecamp for Serial Converters

Basecamp for Serial Converters

October 30, 2015 By Reid W 3 Comments

escar Asia

escar Asia

September 9, 2015 By Dale Peterson 1 Comment

Unsolicited Response Podcast: Cyber Insurance

Unsolicited Response Podcast: Cyber Insurance

August 27, 2015 By Dale Peterson 3 Comments

S4 Events Newsletter

Subscribe to our newsletter on leading / bleeding edge ICS cyber security information and S4 Events.

* indicates required
Email Format

Dale's Tweets

About Us

Digital Bond was founded in 1998 and performed our first control system security assessment in the year 2000. Over the last sixteen years we have helped many asset owners and vendors improve the security and reliability of their ICS, and our S4 events are an opportunity for technical experts and thought leaders to connect and move the ICS community forward.

Recent Comments

  • Chris on Attacking CANBus – Part 1
  • Chris on Koyo/Automation Direct Vulnerabilities
  • Brandon Workentin on The ICS Security Stories We Tell And Love
  • Joe Weiss on Insanely Crowded ICS Anomaly Detection Market
  • Stuart Bailey on Unsolicited Response Podcast Is Back … With John Matherly of Shodan

Search….

Follow @digitalbond

Copyright © 2019 Digital Bond. - All Rights Reserved ·