German security expert Ralph Langner has released a new cybersecurity framework for industrial control systems. Langner says risk-based approaches to security can be fudged and aren’t based on empirical data or the reality of the ICS environment. Some 95 percent of critical infrastructure systems don’t have a dedicated security professional for their systems, he says. The new framework is based on process-based approach to locking down plants, Langner writes in a blog post. The draft version of the U.S. government’s Cyber Security Framework is published today.”]
Source: https://www.darkreading.com/analytics/stuxnet-expert-proposes-new-framework-for-ics-scada-security