ID: IRCNE2012011358
Date: 2012-01-03
According to "infosecurity", Companies that rely on supervisory control and data acquisition (SCADA) systems to control their industrial processes should take a number of steps to improve the security of those systems, according to McAfee.
First, companies should have a formal business continuity plan in place that will keep core enterprise processes running even if the majority of IT infrastructure is offline. A robust disaster recovery plan should be in place and tested at least once a year.
Companies should be proactive about attacks, employing vulnerability discovery, security auditing, penetration testing exercises, patch and change management programs, secure software development lifecycle programs, execution and change control technologies, privilege management technologies, and blacklist detection technologies. McAfee said that it is important to conduct regular robust penetration testing in order to understand how the network will stand up to an attack.
McAfee advises users of embedded systems to take a number of steps to protect them from these attacks.
Companies should firewall their embedded systems and control or turn off all interfacing connections to the device (including WiFi, GPS, Bluetooth, and mobile phone networks). Firms should also apply any firmware updates in a timely manner.
- 3