You Can't Design For Air Gapped And Manage Irresponsibly
SANS NewsBites Vol. 18 Num. 045 has a newsblurb and commentary on "Air Gapping SCADA Systems Will Not Work" published on (June 3, 2016) by the TheRegister.UK with quotes from Supervisory Control and Data Acquisition (SCADA) technology pioneer Faizel Lakhani.
The article focused the criticism for not using air gapped system because many of the current examples of air gapped networks have vulnerabilities that get added over time by employees who introduce technologies that wouldn't be allowed if the system was managed properly.
Building a successful and effective air gapped system requires a dedicated culture of security engineering that is hard work. Not doing that work will more than likely introduce threat vectors that a dedicated adversary will exploit.
And in other air gap news recently:
- Software-Defined Perimeter (SDP) outlined at Network World
- The government of Singapore is considering disconnecting some systems from the Internet [straitstimes, channelnewsasia, thestack, themiddleground.sg]
- Deploying an air gap is a solution to consider for some vulnerability problems according to Info Security Magazine.
- Press Release On: CyberArk delivers malware protection for industrial control systems.