Sound strategy, regardless of whether it is for military, physical or cyber security, relies on the concept of "defense in depth." Effective security is created by layering multiple security solutions so that if one is bypassed another will provide the defense. This means not over-relying on any single technology such as a firewall. Firewalls aren't bad technol-ogy. In fact, they are a fantastic tool in the security toolbox. But, industry has misused them by believing they will solve all security ills.rnDefense in depth begins by creating a proper electronic perimeter around the SCADA or control system and then hardening the devices within. The security perimeter for the control system is defined both by policy and technology. First, policy sets out what truly belongs on the control system network and what is outside. Next, a primary control-system firewall acts as the choke point for all traffic between the outside world and the control system devices.
展开▼
