A logiical approach to SCADA defense

I recorded this podcast last Friday but have not had a chance to post it until now as I have been traveling. I am writing in the lobby of the Berjaya Langkawi resort in Malaysia. For those who are stuck in the frozen waste land of North America I can report that 95 degrees F feels pretty good in January. 

Brian Contos, CSO of Arcsight and author of Enemy at the Watercooler,  has been working with a team of SCADA experts on a joint government-industry-vendor project dubbed LOGIIC. Brian helped pull together some of the key participants including Doug Maughan, Benjamin Cook, and Tom Aubuchon for this podcast. 

As anyone who has worked with our telecommunication, power, light, and water systems knows, as the underlying control systems have been connected to IP networks they have become vulnerable to both random attacks such as the worms and viruses that course through the veins of the Internet and potential targeted attacks from malfeasants.  To better understand how to protect the SCADA networks, project LOGIIC was put together to run some scenarios against a representative network and determine what response would be most effective.  You can read about LOGIIC here.   And you can listen to the podcast here.