[SCADASEC] GAO: TVA Power Plants Vulnerable to Cyber Attacks
Matthew Franz
mdfranz at gmail.com
Wed May 21 12:49:53 CDT 2008
Kevin,
Not to be cheeky, but your point?
Are you inferring that if we are in compliance we are not "secure"
(however you might measure that, test that, etc.) and therefore we
shouldn't bother with compliance? Is this another variation of the
whole "standards provide a false sense of security" argument,
therefore we should sit on our hands or endlessly argue about what it
means to be "secure." Been there/seen that....
- mdf
On Wed, May 21, 2008 at 12:15 PM, Kevin Lackey <jabberwoq at gmail.com> wrote:
> Being compliant with a standard does not in anyway infer secure. It just
> infers compliance with the standard.
> Kevin
>
More information about the scadasec
mailing list