Phil Neray, VP cybersecurity & marketing at CyberX, explains why the threat of cyber-attacks on Industrial Control Systems can no longer be dismissed by the “It’s never happened before” argument.Phil Neray
Although many business decision-makers may be familiar with Stuxnet, the German steel mill attack, BlackEnergy malware and how a Michigan Utility got hacked with ransomware, many are still reluctant to invest more on tighter security controls to reduce the risk of cyber-attacks on their Industrial Control Systems (ICS).
The world of cyber has changed dramatically over the past 12 months. Cyber-attacks on ICS/SCADA networks and breakthrough research discoveries, have rendered the “we’re not going to spend more on ICS cybersecurity because it has never happened before,” argument, void.
At a recent conference, Richard Clarke, a former top counter-terrorism advisor who later served as the first White House cybersecurity czar pointed to numerous major disasters that were clearly predicted by experts but ignored by decision-makers. These include the sub-prime mortgage crisis of 2008, the Fukushima nuclear meltdown, the Madoff investment scandal, and several mining disasters. In each case, nobody acted on the experts’ predictions. Clarke then explained why ICS cybersecurity is similar to these disasters because the cost of dealing with the disaster is disproportionately higher than the cost of mitigating it beforehand.
This is a Quick registration Module. Please register to get access to downloads and product specific documents.