SCADA security was one of the important topic over last few years. Security vendors see big flow and slowly shifting their focus towards this area. Hardware vendors do not rush with their design change, rather do smaller steps to close high important issues. The ICS organizations not sure if they need to increase their spending to SCADA security and want to fix it using simple solutions.
While nobody from the trio (Security Vendors, ICS vendors, ICS organizations) questions necessity and importance of the improving SCADA security, we can see different understanding of this problem as well as resources the organizations willing to invest. This talk will summarize reasons of incidents, common mistakes in security configuration, possible ignorance of security best practices as analysis results of security incidents, security audits, collected telemetry including KL honeypot, analysis, etc.