These particular features are extremely important when one tries to assess the vulnerability of a SCADA system, and when designing mitigations.
This chart depicts the four primary pieces of the XF puzzle: Research, Engines, Content Delivery, and our Industry and Customer deliverables. Our Research group has to understand what the security issues are and how they work. That feeds into our engines, which actually protect customers from these threats. Engines and Research are delivered to customers through regular security content updates. We have a content delivery team that is responsible for assuring the quality of our security content and delivering it to customers. Then we produce Industry/Customer deliverables, which include our blogs, speaking engagements and our X-Force threat reports. This chart represents the core components of what we do and how they all fit together. Ultimately our goal is to provide the most respected security brand to IBM, our customers and business partners.
A good framework to follow is:
- Process (40%): Establishment of policies is crucial
- Management (30%): Management buy-in and support is imperative!
- People (20%): End-users are the weakest link in security programs
- Bridge PCS administrators, engineering, and IT departments
- Technology (10%): Intrusion Prevention

General policy fundamentals the same, with a slightly different approach:
- Different architecture focus – end devices highly critical
- Real time processing requires higher availability
- Patching/rebooting difficult
- Security controls can’t impede real time processes
- Needs to include proprietary communication protocols
- Human safety a factor in risk management

Executive commitment required to be successful:
- Top-down approach is the only way to enforce policy
- Reoccurring security awareness