In the latest Eye on Security podcast, I spoke with Dan Scali, senior manager for Mandiant, on key issues in critical infrastructure and industrial control systems (ICS).
Bank data centers, nuclear power plants and water plants are among the entities in the ICS realm, a niche area of information security that’s quickly gaining attention due to recent high profile breaches. Dan covers some of the issues impacting these organizations – such as lack of network segmentation and patching – and how they allow everything from crimeware to nation state attacks to threaten the integrity of critical systems.
Organizations of all sizes need a pragmatic approach to ICS security by adopting holistic security programs, employing enterprise-wide monitoring, and ensuring they have incident response plans in place. In this podcast, Dan discusses some of the ways Mandiant consultants are helping organizations in these areas, including program development and non-invasive ICS health checks.
The full podcast is available here.