Re: SCADA

["Bill McGee (bam)" <bam () cisco com>]

And what, exactly, is 'reliable'? The only reasonable definition I can think of is one that hasn't been broken into 
'YET'. Like has been said before, unless you disassemble your machine, embed it into a cement and glass matrix, and 
dump it in the ocean, there is no such thing as 'secure' - and even then... Everything else involves degrees of risk 
balanced with the need to actually conduct business. 

In spite of what some of the purists on this list might imply, security is a trade-off, and every naive administrator 
believes his/her network to be 'secure' until it isn't. The rest of us manage risk and try our best to reduce the cost 
of risk to a level below the value of the business being conducted. Our job as security professionals is to help 
organizations reduce that risk as much as possible. Anyone selling anything else is hawking snake oil.



Bill McGee
Security Solutions Manager
Cisco Systems, Inc.

 -----Original Message-----
From:   Chris Blask [mailto:wobblingmoon () yahoo com]
Sent:   Wednesday, April 15, 2009 01:38 PM Pacific Standard Time
To:     hassler () speakeasy net; Firewall Wizards Security Mailing List
Subject:        Re: [fw-wiz] SCADA


Daniel E. Hassler <hassler () speakeasy net>


> I agree with your observations but how can an insecure system be 
considered reliable?


That there is a damn fine question, but when you ask it of the folks running these systems the answer is: "It has been 
reliable so far."

...

:~)


      
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards