Bristol experts contribute to EU white paper on cyber security attacks

Increasing numbers of recent security incidents against industrial control systems raise questions about the ability of many organisations to respond to cyber security attacks. Researchers from the University of Bristol's Cryptography Group and the Safety Systems Research Centre have contributed to an EU paper on the resilience of critical information infrastructures. The white paper, entitled Can we learn from SCADA (supervisory control and data acquisition) security incidents? was issued by the EU's cyber security agency, ENISA , earlier this month. Industrial Control Systems (ICS) look more and more like consumer PCs, are used everywhere and involve a considerable amount of software, often outdated and unpatched. Recent security incidents in the context of SCADA and ICS emphasise the importance of good governance and control of SCADA infrastructures. In particular the ability to respond to critical incidents and be able to analyse and learn from what happened is crucial. The aim of the white paper is to raise awareness about how organisations could respond to the increasing numbers of recent security incidents against ICS and SCADA and provides recommendations regarding prevention and readiness for a swift and integrated response to cyber security attacks against ICS and SCADA.