April 25, 2024

Dr. Philip Cao

Stay Hungry. Stay Foolish.

SCADA Security Framework and Critical Infrastructure

2 min read
10 years ago Dr. Philip Cao

Samir MalaviyaSamir Malaviya, CISA, CGEIT, CSSA

Supervisory Control and Data Access (SCADA) systems are the backbone of critical infrastructure. Recent developments, including headlines on cyberwarfare initiated by state and non-state actors, have brought security for industrial control systems, including SCADA systems, to the forefront of cybersecurity discussions.

It must be noted that the challenges of SCADA security are quite different when compared to the challenges faced in implementation of cybersecurity frameworks in the traditional IT world. While traditional cybersecurity is more concerned with confidentiality and integrity, for SCADA system, availability is of paramount importance. Imagine if your power utility experiences failure because some of the controls applied by its cybersecurity team result in crashing the device itself. This may be catastrophic for utilities and might result in loss of life, too. The traditional cybersecurity model for IT needs to be fine-tuned to meet challenges specific to the SCADA world.

The proposed SCADA security framework from my recent Journal article describes a model for owners/operators of critical infrastructure to build a cybersecurity model for their SCADA systems. The proposed framework also covers all of the components of the recently published draft version of Critical Infrastructure Cybersecurity Framework, from the US National Institute of Standards and Technology (NIST). The SCADA security framework also maps to some of the regulatory requirements to be followed by owners and operators of critical infrastructure. In fact, the SCADA security framework can be considered a comprehensive superset that meets all of the regulatory requirements of the concerned industry for the owner and operators of critical infrastructure.

The SCADA security framework can be used by owners and operators of critical infrastructure to develop the security program. It is envisioned that the SCADA security framework can help to develop a risk profile and control framework for the organizations.

Read Samir Malaviya’s recent Journal article:
SCADA Cybersecurity Framework,” ISACA Journal, volume 1, 2014.

[Source: ISACA]

Dr. Philip Cao

Dr. Philip Cao (aka #DrTekFarmer), EDBA, MSCS, ZTX-I, CCISO, CISM, CMSC, CCSP, CCSK, CASP, GICSP is a Strategist, Advisor, Contributor, Educator and Motivator. He’s also a Cyber | Zero Trust Strategist & Evangelist and Chief Trust Officer. He has 23 years’ experience in IT/Cybersecurity industry in various sectors & positions.

See author's posts

More Stories

2 min read

(ISC)² Pledges 1 Million Certified in Cybersecurity

2 years ago Dr. Philip Cao
2 min read

CertMag: The Salary Survey 75 (2022)

2 years ago Dr. Philip Cao
1 min read

Update: (ISC)² Member Counts in Vietnam (January 1, 2022)

2 years ago Dr. Philip Cao

Leave a Reply

You may have missed

1 min read

Invitation to Tech Awards 2023 by VnExpress

4 months ago Dr. Philip Cao
2 min read

Invitation to 3-Year Anniversary of ChongLuaDao

4 months ago Dr. Philip Cao
2 min read

10K Followers on Facebook

4 months ago Dr. Philip Cao
1 min read

10K Followers on LinkedIn

4 months ago Dr. Philip Cao

Editor-in-Chief

Dr. Philip Cao

Cyber | Zero Trust Strategist & Evangelist

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Copyright © 2006-2024 Dr. Philip Cao. All rights reserved

Discover more from Dr. Philip Cao

Subscribe now to keep reading and get access to the full archive.

Continue reading