While Air-Gaps are a good conceptual solution, in practice beyond Schneier’s single PC example, they are very hard to achieve. There is nearly always a backdoor to be found somewhere that an attacker can exploit.
Continue reading “More on Air Gaps”
Over the last 3-5 years Data Diodes have grown in popularity as a solution for moving data between isolated networks. With this has come creative marketing to leverage the term ‘Diode’ for solutions that are anything but.
Let’s just take a few moments to revise some of the fundamental modes of secure information exchange.
After nearly two years of planning, the new UK Government Security Classification system comes into operation this month. This will probably be accompanied by some articles from the doomsday brigade suggesting forecasting chaos and uncertainty; there are undoubtedly rough edges, but it’s important not to lose sight of the bigger cultural change at play…
Subtitle: Countering Cyber Threat through Organizational Learning and Training
Author: Peter Trim and David Upton
A recent article in the NY Times claims:
The vast majority of targeted computer attacks now start with a malicious e-mail sent to a company employee. Now evidence suggests that the same technique could be used to attack watersheds, power grids, oil refineries and nuclear plants.
This cannot be allowed to happen, here I explore the issue in a little more detail.
Nexor have just released a briefing paper Air-Gaps, Firewalls and Data Diodes in Industrial Control Systems looking the issues around segregating industrial control system networks. What works best: Air Gaps, Firewalls or Data Diodes?
Due to recent security incidents, there is now a significant debate with regard to what is the best way to protect Industrial Control Systems (ICS).
In 1999, In Britain, Margaret Beckett, then leader of the Commons, hosted a closed conference for industrialists and intelligence officials to warn about the growing risk of electronic attack on Britain’s Critical National Infrastructure.
Continue reading “1999 Conference – Risks of electronic attack on Britain’s Critical National Infrastructure”
This is an insightful debate in the Economist, the full title being
This house believes that a hyper-connected world is more rather than less secure.
Sadly I missed the online comment period, so was not able to offer my thoughts in the debate itself. I would have voted less secure.
Continue reading “Economist Debate: “…a hyperconnected world is more rather than less secure.””