Stuxnet Expert Dismisses NIST Cyber Security Framework, Proposes Alternative
An anonymous reader writes "Ralph Langner, the security expert who deciphered how Stuxnet targeted the Siemens PLCs in Iran's Natanz nuclear facility, has come up with a cybersecurity framework for industrial control systems (ICS) that he says is a better fit than the U.S. government's Cyber Security Framework. Langner's Robust ICS Planning and Evaluation, or RIPE, framework takes a different approach to locking down ICS/SCADA plants than the NIST-led one, focusing on security capabilities rather than risk. He hopes it will help influence the final version of the U.S. government's framework."
Why not do what experts have recommended?
If you want "networked" configuration nodes, an isolated network should be the only thing accessing equipment. That node should not access anything else, or any other networks. If you want a monitoring node, counters coming from devices should never be writable to anything but local hardware. Monitoring nodes can access other networks for consolidation of data, but not be writable to other networks.
I really cannot understand how people continue to believe that everything should be connected to everything. Worse, that everything should be able to write to everything else. After nearly 3 decades of being shown it's a bad idea, maybe the mindset of executives should change? It's like continually banging your head on a wall, and it will feel really good when you finally stop!
Does the Government mandate this configuration as a few here have implied? If so, maybe it's time to boot shitbags out of the Government?
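The segmentation the comment above recommends, written out as a checkable zone-to-zone flow policy and run over a few observed operations (an added example, not from the post or any of the frameworks mentioned; the zone names, the "src dst op" log format and the sample records are constructed assumptions):

```python
"""Flow-policy audit for the segmented ICS layout the comment describes.

Constructed example: zone names, the "src dst op" log format and the sample
records are assumptions, not anything from the original post.
"""
from dataclasses import dataclass

# Zones: "equipment" (PLCs/devices), "config" (the isolated configuration node),
# "monitor" (read-only collector), "corp" (any other network).
# Anything not listed here is denied: the config node talks only to equipment,
# the monitor may read equipment and push data out, and nothing writes to it.
POLICY = {
    ("config", "equipment"): frozenset({"read", "write"}),
    ("monitor", "equipment"): frozenset({"read"}),
    ("monitor", "corp"): frozenset({"write"}),
}


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    op: str  # "read" or "write"


def is_allowed(flow: Flow) -> bool:
    """Default deny: only (src, dst) pairs in POLICY with a matching op pass."""
    return flow.op in POLICY.get((flow.src, flow.dst), frozenset())


def parse_flow(line: str) -> Flow:
    src, dst, op = line.split()
    return Flow(src, dst, op)


def audit(lines):
    """Return the flows that violate the policy, in log order."""
    return [f for f in map(parse_flow, lines) if not is_allowed(f)]


# Constructed sample of observed zone-to-zone operations.
SAMPLE_LOG = [
    "config equipment write",   # engineering change from the isolated node: ok
    "monitor equipment read",   # counters collected read-only: ok
    "monitor corp write",       # consolidated data pushed outward: ok
    "monitor equipment write",  # monitor writing to a device: violation
    "corp equipment read",      # business network reaching equipment: violation
    "corp monitor write",       # monitor writable from outside: violation
    "config corp read",         # config node touching another network: violation
]

if __name__ == "__main__":
    for f in audit(SAMPLE_LOG):
        print(f"DENY {f.src} -> {f.dst} ({f.op})")
```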