Toward a whitepaper on SCADA security for directors and senior executives

A high level scan of the literature (Table 1) and brief conversations with cyber security specialists shows there appears to be a good understanding of the layers of risk in SCADA systems by professionals (Figure 1). This understanding, however, may not extend to Directors and Senior Executives – the ultimate owners of these risks and their implications.


Figure 1: Some high level cyber security issues raised by the move from private serial networks to IP based networks

Relevant gaps for ‘something different’ in a whitepaper

A scan of some of the available literature shows two gaps that may be of interest:

  1. A subtle gap appears to be the area of convergence between cyber, operational and physical risks driven by the move from private serial networks to IP networks. This move is a double-edged sword increasing productivity alongside vulnerabilities.
  1. The further gap is a holistic expression of the cyber security threat to SCADA and its implications in a language Boards and C-level executives understand. Efforts at filling this gap would support key IT influencers and decision makers in their internal recommendations process to this stakeholder group.

This information would be drawn from the existing literature. Non-exhaustive, SCADA security related areas and references are tabulated below. This reference list would be fleshed-out in the whitepaper development process, including source article identification, referencing and triangulation.

SCADA security-related areas Some reference URLs
Scenarios and Cases ·;;


Threat and vulnerability statistics ·;





Cyber-Physical-Operational considerations ·
Risk assessment ·;


Patching and testing ·
Good practice guides ·;


Standards, documentation, regulatory and compliance, training ·;


Differences between SCADA and traditional IT security; and compensating controls, including vendor and contract management ·


Future tech implications and ‘Internet of Things’ ·

Table 1: Light touch examples of existing news articles and grey literature.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s