Cyber-Security for ICS/SCADA: A South African Perspective

Industrial control systems (ICS) or supervisory, control, and data acquisition (SCADA) systems drive many key components of the national infrastructure. It makes these control systems targets for cyber-attacks by terrorists and nation-states who wish to damage their target economically and socially, and cyber-criminals who blackmail the companies operating the infrastructure. Despite the high risk of leaving these systems exposed, providing adequate cyber-security is often challenging. The Stuxnet worm illustrated how vulnerable control systems potentially are when it bypassed a number of security mechanisms to cause physical damage to an Iranian nuclear facility. The article focuses on ICS/SCADA in South Africa discussing the unique challenges and legislation relate to securing control system in the South Africa. A governance and security framework for overcoming these challenges are proposed.