New report on control system cyber security incidents released
RISI, the industrial network security monitoring organization, publishes its survey for 2011.
According to data in the Repository for Industrial Security Incidents (RISI) database, approximately 35% of industrial control system (ICS) security incidents were initiated through remote access. Supporting this finding is RISI survey results that indicate nearly 65% of facilities allow remote access to their control systems. These findings and many more are published in the 2011 Annual Report on Cyber Security Incidents and Trends Affecting Industrial Control Systems.
RISI is an industry-wide repository for collecting, analyzing, and sharing information regarding cyber security incidents that directly affect industrial control and supervisory control and data acquisition (SCADA) systems. Industrial automation system suppliers, end-users, international government agencies, and research institutes have been relying on RISI since 2009 to provide them with insight into the trends affecting ICS security. RISI data has been used for business justification, risk analysis, and a variety of research projects.
ICS and SCADA security has been a serious concern for over a decade but has come under increased scrutiny following the discovery of the Stuxnet virus in 2010 and the DuQu virus in 2011. Both of these viruses were found to target industrial control systems specifically.
The 80-page 2011 Annual Report includes detailed analysis of the 220 incidents recorded in the RISI database from 2001 through the end of 2011. The analysis identifies where and when the incidents occurred while also identifying the types of incidents and the threat agents that executed them including the methods and techniques used to gain entry. The financial and operational impact on the victims is also analyzed.
The report also includes detailed results and analysis from the first annual RISI Control System Security Benchmark Survey. The survey data provide very interesting insight into the current state of control system security especially when compared with data regarding actual incidents. For example, RISI data indicate that the percentage of control system security incidents caused by malware, while still very high (28%), has been steadily declining over the last five years. This trend is supported by survey data that indicate that more than 60% of facilities have implemented patch and anti-malware management programs.
The report can be purchased individually or as part of a company or corporate membership.
Edited by Peter Welander, firstname.lastname@example.org
- Events & Awards
- Magazine Archives
- Oil & Gas Engineering
- Salary Survey
- Digital Reports
Annual Salary Survey
After almost a decade of uncertainty, the confidence of plant floor managers is soaring. Even with a number of challenges and while implementing new technologies, there is a renewed sense of optimism among plant managers about their business and their future.
The respondents to the 2014 Plant Engineering Salary Survey come from throughout the U.S. and serve a variety of industries, but they are uniform in their optimism about manufacturing. This year’s survey found 79% consider manufacturing a secure career. That’s up from 75% in 2013 and significantly higher than the 63% figure when Plant Engineering first started asking that question a decade ago.