patrickmcginnis59 10839 (8/12/2014)
I know I'm a little slow, but I'm having some difficulty identifying venoym's mistake, from what I've read he's actually talking about required and recommended practices. Could you offer a little help in identifying his actual mistake? Sure would be appreciated!
Venoym believes in defense in depth and not relying on one mechanism to protect your kingdom. This is the best approach. There's nothing wrong here.
Unfortunately, there are too many in the development, implementation, and administration of SCADA software that don't think the same way. They believe that one defense, the air gap/data diode, can protect them from any and all attacks.
Venoym's mistake, at least from what I've seen in the posts, is in thinking that more folks in the industry think like Venoym does. From what I've seen of the SCADA industry, Venoym is the exception, not the rule, when it comes to thinking about security and how to properly apply it.
K. Brian Kelley