In a world focused on zero days who do you trust? Do you really know where your SCADA came from? How are you validating your cyber supply chain risk? Let alone, is cyber even included in your process? Facing the reality of IOT bringing exposure to your network, more attack surface because we need <new technology>, and refusal to change, a restructure is necessary. With the directive from FERC we will have more leverage in integrating cyber security to processes however there are challenges to face. This is a forward look at tactical integration of cyber and business to simultaneously improve our critical infrastructure protection while not being the bottleneck to business procurement.
Stacey Banks
Stacey Banks is a Senior InfoSec Consultant specializing in GRC, risk mitigation and vulnerability testing supporting a variety of environments.