Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

McAfee FOCUS: Critical Infrastructure Security Requires Partnerships

LAS VEGAS – McAfee FOCUS 2012 – Solving security challenges to critical infrastructure companies requires partnerships between vendors, a panel of solution providers and experts said today at McAfee’s Focus conference in Las Vegas.

Working closely with suppliers, explained Gary Woodward, director of business development at Emerson Process Management and Water Solutions, ensures that products are integrated and working optimally.

LAS VEGAS – McAfee FOCUS 2012 – Solving security challenges to critical infrastructure companies requires partnerships between vendors, a panel of solution providers and experts said today at McAfee’s Focus conference in Las Vegas.

Working closely with suppliers, explained Gary Woodward, director of business development at Emerson Process Management and Water Solutions, ensures that products are integrated and working optimally.

“You don’t want a Blue Screen of Death in front of an operator,” he said.

A report released this year by the U.S. Industrial Control System Cyber Emergency Response Team (ICS-CERT) underscores why. According to the report, there was a dramatic increase in the number of reported cyber-security incidents affecting critical infrastructure companies in the United States between 2009 and 2011. In 2009, ICS-CERT received nine incident reports. By 2011 that figure had jumped to 198.

In April, a survey of 104 security pros in the energy sector sponsored by nCircle and EnergySec revealed that 61 percent felt that smart meters did not have sufficient controls to protect against false data injection.

Historically, many industrial control systems were not designed with security in mind – nor was the overall architecture, said Philip A. Craig Jr., a researcher at Pacific Northwest National Laboratory.

“There are a lot of sacrificial lambs and kind of low hanging fruit that may exist in industry today,” he said.

As part of its strategy of addressing this, McAfee is working with companies focused on critical industry, such as nuclear power and electric companies. For example, McAfee has partnered with Waterfall Security Solutions, which joined McAfee’s Security Innovation Alliance program earlier this year, to integrate Waterfall’s Unidirectional Security Gateway solutions with McAfee’s ePolicy Orchestrator and other products. In addition, McAfee and Westinghouse Electric Company announced an agreement today in which Westinghouse will provide McAfee Enterprise Security Manager and Network Intrusion Prevention Systems to nuclear power plants.

In a statement, Ken Levine, senior vice president and general manager of McAfee Risk and Compliance, applauded the partnership between the company and Westinghouse, noting that the integration will add another layer of security into components in control systems.

“This partnership is a great step in the essential fight to keep critical infrastructure safe,” he said.

While security pros may dream of a world where all critical systems are isolated and disconnected in the name of security, this is not always practical in the real world, Lior Frenkel, CEO of Waterfall Security Solutions, said during the panel discussion.

“We must enable businesses to work efficiently,” he said.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Cyberwarfare

Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham's Ax persona

Cyberwarfare

Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cyberwarfare

The UK’s NCSC has issued a security advisory to warn about spearphishing campaigns conducted by two unrelated Russian and Iranian hacker groups.

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Cybercrime

Albanian prosecutors on Wednesday asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack by...

Cyberwarfare

While cyber eyes are trained on Russia, we should remember that it is not the West’s only cyber adversary. China, Iran, and North Korea...