Monday, August 25, 2014

Re-Assessing the Risk for the Energy Sector

Raj Samani has made a good comment on the Dragonfly espionage campaign on the Intel Security blog.

Working in Spain, and being “world champions” in the Dragonfly campaign, we were very active on that. (In fact, I translated the Joel Langill and SecurityMatters white paper into Spanish just to raise some concerns among the Spanish energy companies: Cyberespionage campaign hits energy companies (Spanish).)

Spain is right now deploying the Critical Infrastructure Protection Law for the energy sector but, in my personal opinion, we are facing three main problems:
  • Lack of budget for new cyber security controls in these companies.
  • Lack of detailed protection measures (which should include DLP) on ICS networks from the Spanish Administration.
  • The “political will” on CIP Law enforcement. (We still don't have a clear framework for auditing the measures.)

On the other hand, we are executing projects outside Europe (Middle East), where DLP and AWL are being deployed on ICS networks (in our case, many of the Intel Security/McAfee solutions). Most of the time this is because we design the defense-in-depth architecture contemplating these solutions, but sometimes because the IT CSO is asking for it.


I think Raj Samani has made a great reflection and I agree 100% with his approach.