Blogger: Security Mainstream Still Ignorant of Security Problems in Industrial Controls & Embedded Devices

pic4-40We've previously posted about the concerns surrounding the state of Industrial Control Systems cybersecurity. And after this year's RSA Conference--billed as the most comprehensive forum on information security--at least one ICS security expert is troubled about the continued lack of progress in this field.

Despite featuring 5 different sessions focused on the Smart Grid or Industrial Control, according to his post on ControlGlobal.com, ICS expert Joe Weiss found that much of the Industrial Control System discussion was being led by IT experts with little-to-no ICS-specific background, emblematic of a much greater problem:

As best as I can tell, there were fewer than 10 control system personnel that attended including speakers - the rest were IT. [...]

Once again, we come smack up against the problem that there are very few industrial cyber security experts.... It really doesn't look like we're making real progress in Industrial Control System security yet, does it?