In Critical Infrastructure, Safety Comes First
- Securing 30 year-old-equipment which was not built with security in mind is a great challenge in the power generation and distribution industry.
- In the IT world, it’s common to prevent suspicious packets from reaching their destination. You can’t do that in critical infrastructure.
“Our number one concern is safety, and any security in our networks has to be designed in a way that is safe. We can’t have a machine fail and kill someone.”
One of the great challenges in securing OT systems in the power generation and distribution industry is the age of system components. “The average lifespan of a typical ICS device is about 30 years,” says Brian Foster, OT/ICS cybersecurity engineer for Portland General Electric. “And, of course, 30-year-old equipment was not built with cybersecurity in mind.”