The Internet is a hostile space for water utilities and their SCADA (Supervisory Control and Data Acquisition) systems. In a recent article Global Water Intelligence Magazine spoke to a number of security experts, including T&VS about how utilities should go about protecting themselves from malicious attacks.
The lessons from the Water utilities can equally apply to any industry where the increasing adoption of open internet protocols and wireless devices is forcing companies to evaluate their cyber security risk profile and strengthen their knowledge of cyber threats.
In the article Mike Bartley, CEO of T&VS, outlined that a good way to gauge a vendors solutions is to check if they at least adhere to the (Open Web Application Security Project) OWASP IoT Top 10 list of security vulnerabilities.
“I think if you’re looking at what is best practice then a lot of people can say OWASP is a good place to go to,” he said. “If they can say we’ve secured ourselves against the OWASP Top 10 that’s probably good practice but they should be able to demonstrate they have an ongoing assessment of the top 10 as well.”