This week, Bruce Schneier blogged about the CIA’s disclosure of hacking incidents to public utilities. I’ve been wary of utilities ever since I learned about SCADA systems, and their implications for security. I’ve heard about consultants primed with a copy of Nmap accidentally shutting down large SCADA networks simply because of their age & lack of security.

The thing that is scary is that we have come across companies reliant on SCADA systems for their factories or assembly areas that are also subject to PCI.


The good news is that, with careful planning and a good network segmentation strategy, much of the impact can be reduced.

