Because Microsoft has a difficult relationship with information security and developing internal corporate procedures that are more conducive to growth and safety than to pleasing interpersonal and interdepartment disputes.
To be fair, because of my job I hear about a lot of issues at the national level, and ICS (like power plants, water treatment facilities, etc) have terrible track record of security (think: admin panels with default password just left open on the internet). I think even Microsoft will better than that, since they actually know what they're doing (compared to a bunch of engineers managing the plant).
Oh, yeah. ICS/SCADA is definitely the worst industry I've heard of as far as security is concerned.
I don't think Microsoft has anything to contribute to that, because no, I don't think Microsoft possesses the technical competence to deal with these systems. They might have more /generalized/ infosec knowledge, but snark aside, I doubt they have the resources they need to really dig into SCADA security simply for the fact that they've never really needed to. I think it'd take them years.
It'd take them years to build a power plant, though...
msm_|2 years ago
thefurdrake|2 years ago
I don't think Microsoft has anything to contribute to that, because no, I don't think Microsoft possesses the technical competence to deal with these systems. They might have more /generalized/ infosec knowledge, but snark aside, I doubt they have the resources they need to really dig into SCADA security simply for the fact that they've never really needed to. I think it'd take them years.
It'd take them years to build a power plant, though...