Is The Purdue Model Dead?
HTML-код
- Опубликовано: 16 июл 2024
- Joel Langill and Brad Hegrat join Dale Peterson to answer this question. The Purdue Model was used as THE MODEL when it came to ICS security, and it worked well in a traditional plant or factory environment. Is this true in the coming world of cloud services, IIoT and other changes? Joel, Brad and Dale discuss and actually reach a mostly common understanding.
Наука
A passionate conversation!! It’s not about securing level 1 level 2 etc.. it’s securing the processes. What talks to what?Biz adds items all over the place thinking it’s all on the same level is asinine. Perdue models is both ALIVE& DEAD. Superb TALK.
Putting the holistic environment into a specific modeling paradigm will stifle innovation within any given industry. I say this because of the variability of business processes, regulations, existing technology, emerging technologies, community resource knowledge base. To get where you want to be, you have to know where you've been. It cannot be an "all or nothing" static modeling concept, but rather a dynamic entity inclusive of business and technology to adjust, adapt and succeed with scalability.
You know the old saying, "All models are wrong, but some are useful."
Your argument of attacks inside of cloud designs has been killed years ago. The risk to cloud based designs are different and you seem to speak vague like a person who does not understand cloud technology.
Thanks for your comment. My concern isn’t that the cloud can’t be secured. It is the service provider, whether they are in the cloud or not (GE provided remote turbine monitoring from a data center in ATL pre-cloud) is a leveraged point of attack. Many of the ICS cloud services have tremendous access (closed loop) to a large number of ICS, and this trend is growing. You could compromise a highly privileged employee in the service provider (cyber, extortion, physical attack, bribery) and use this access to affect a lot of systems. Still I’m bullish on these services. Asset owners just need to understand what is possible inbound from the cloud and limit it to what is acceptable risk from their perspective.
@@S4Events AWS has never been compromised in this way to date. This is because of strict standards by the company to the extent that even the CEO has not been inside of the secured data centers. Your data in this area is out of date is the main issue. The way the hypervisors are setup are very secure from these type of attacks. ........The main threat to cloud environments in general is lack of skill by employees to technoloy with poor setup. The other depends on the type of environment used. They are not all the same IE.. SaaS, PaaS, IaaS.
@@S4Events So my main point is to address your and I am a AWS certified Architect and Senior Security Engineer. It is highly unlikely to the extent of a statistical anomaly for the type of compromised you mention via credentials from a internal employee because of how AWS segments and secures resources. It is more logical therefore to focus on more probable threats. This would be improper configuration, and unsecured endpoints are things like that. To add application level attacks at weak points in software design things like that.