We have had quite a discussion started about my post last week about a new technique being offered by Tofino Security to help secure communications within a SCADA/ICS system. Apparently I didn’t get my description of their product/service too far from correct, but there has still been a lot of discussion back and forth about what it can do and what it can’t do. To be fair, Eric Byres doesn’t claim that this is the be-all-end-all security device, but that it does provide another level of security in a properly designed defense-in-depth security plan.
Readers of this blog that truly understand the ins and outs of ICS security, please read all four posts; two by an Anonymous reader, one by Joel “the SCADAHacker” Langill, and one by Eric. There is lots of good information about how this system works and how it can be integrated into an effective ICS security system. And by all means, feel free to join in the discussion; I love learning new things about ICS security.
If you are a reader that thinks that you have a pretty good understanding of the ins and outs of ICS security, take a read through the comments. If you get lost in some of the terminology in the first couple of sentences, but understand the general gist of what they are saying (kind of like me, in other words) stay on the outskirts of any serious SCADA security conversation and nod your head from time to time and you’ll look pretty smart (works for me). But please, get some professional help in designing, implementing and maintaining your ICS security system.
If the discussion is in archaic Greek as far as you are concerned, then run, don’t walk, to the nearest introductory course on ICS security before you even talk to an ICS security contractor. Otherwise, you are likely to pay too much for hardly any security.
In any case, read the discussion, it is very educational.