Access "The state of critical infrastructure security"
This article is part of the January/February 2011 issue of Cloud initiatives are changing roles for information security managers
Mark Weatherford will likely not forget the week of July 12, 2010. He'd just started his job as vice president and chief security officer at the North American Electric Reliability Corporation (NERC) that week. And as chance would have it, security researchers had recently announced the discovery of Stuxnet, one of the most advanced worms on record and widely believed to be targeting Iranian nuclear facilities. With NERC's mission being to ensure the reliability of the North American bulk power system, it was a leap right into the fire for Weatherford. The Windows-based worm, which contained a programmable logic controller (PLC) root kit, is the first known worm that can reprogram industrial systems, and was crafted to breach Supervisory Control And Data Acquisition (SCADA) systems. SCADA systems are often used to control and monitor industrial processes, including those that help to manage power grids. Immediately, Weatherford put into place a "Malware Tiger Team" that could be leveraged to help NERC ensure that the information about Stuxnet that was shared... Access >>>
Premium Content for Free.
Information security roles growing in influence
Information security managers are getting more of a say in enterprise cloud initiatives and mobile device projects.
The state of critical infrastructure security
Stuxnet put the spotlight on critical infrastructure protection but will efforts to improve SCADA security come too late?
- Information security roles growing in influence
Enforcing endpoint security
by Lisa Phifer, Contributor
Enforcing endpoint security requires careful planning and deployment.
- Enforcing endpoint security by Lisa Phifer, Contributor
Schneier-Ranum Face-Off on whitelisting and blacklisting
Security experts Bruce Schneier and Marcus Ranum debate whether network security should be based on whitelisting or blacklisting.
The penetration tester is alive and well
Automation hasn't killed the penetration tester – yet.
Old information security challenges persist
by Dave Shackleford
A look back at articles from the past shows that the same information security problems persist today.
- Schneier-Ranum Face-Off on whitelisting and blacklisting
More Premium Content Accessible For Free
Beat the security odds with a cloud risk equation
Despite the enormous concerns around cloud security, many information security professionals remain on the sidelines when it comes to their ...
Antimalware technologies and techniques to the rescue
Not only is modern malware getting more prevalent and sophisticated, it's also now focusing on a broader array of targets. Attackers would still love...
UTM: Decision time
IT Decision Center
Learn how to evaluate your potential vendor's UTM product and its ability to meet your specific business requirements.