Title

Issues Common to Australian Critical Infrastructure Providers Scada Networks Discovered Through Computer and Network Vulnerability Analysis.

Document Type

Conference Proceeding

Publisher

SECAU Security Research Centre

Faculty

Computing, Health and Science

School

Computer and Information Science, Centre for Security Research

RAS ID

5873

Comments

This article was originally published as: Woodward, A. J., & Valli, C. (2008). Issues Common to Australian Critical Infrastructure Providers Scada Networks Discovered Through Computer and Network Vulnerability Analysis. Proceedings of Australian Digital Forensics Conference. (pp. 204-208). Edith Cowan University Mount Lawley Campus Perth WA. SECAU Security Research Centre. Original article available here

Abstract

This paper reports on generic issues discovered as a result of conducting computer and network vulnerability assessments (CNVA) on Australian critical infrastructure providers. Generic issues discovered included policy, governance, IT specific such as segregation, patching and updating. Physical security was also lacking in some cases. Another issue was that previous security audits had failed to identify any of these issues. Of major concern is that despite education and awareness programs, and a body of knowledge referring to these issues, they are still occurring. It may be necessary for the federal government to force organisations to undergo computer and network vulnerability assessment from recognised experts on a regular basis.