ST. LOUIS--(BUSINESS WIRE)--Belden Inc. (NYSE: BDC), a global leader in signal transmission solutions for mission-critical applications, announces that its Tofino Security brand has published new research showing that patching is often ineffective in providing protection from the multitude of vulnerability disclosures and malware targeting critical infrastructure systems today. While patching such systems is important as part of an overall Defense in Depth strategy, the difficulties of patching for industrial systems mean that compensating controls such as Tofino Security Profiles are often a better method of providing immediate protection.
My research highlights the multiple challenges with patching for SCADA and ICS systems
Since the discovery of the Stuxnet malware in 2010, industrial infrastructure has become a key target for security researchers, hackers, and government agents. Designed years ago with a focus on reliability and safety, rather than security, Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS) products are often easy to exploit. As a result, there has been exponential growth in government security alerts for these systems in the past two years. In addition, they have attracted some of the most sophisticated (Stuxnet, Night Dragon, Flame) and damaging (Shamoon) cyberattacks on record.
Eric Byres, CTO and vice president of engineering at Tofino Security, investigated the effectiveness of patching for protecting control systems from vulnerability exploits and malware. His work revealed that:
The number of vulnerabilities existing in SCADA/ICS applications is high, with as many as 1,805 yet to be discovered vulnerabilities existing on some control system computers.
The frequency of patching needed to address future SCADA/ICS vulnerabilities in both controllers and computers likely exceeds the tolerance of most SCADA/ICS operators for system shutdowns. Unlike IT systems, most industrial processes operate 24x7 and demand high uptime. Weekly shutdowns for patching are unacceptable.
Even when patches can be installed, they can be problematic. There is a 1 in 12 chance that any patch will affect the safety or reliability of a control system, and there is a 60% failure rate in patches fixing the reported vulnerability in control system products. In addition, patches often require staff with special skills to be present. In many cases, such experts are often not certified for access to safety regulated industrial sites.
Patches are available for less than 50% of publically disclosed vulnerabilities.
Many critical infrastructure operators are reluctant to patch as it may degrade service and increase downtime.
When patching is not possible, or while waiting for a semi-annual or annual shutdown to install patches, an alternative is to deploy a workaround, also known as a compensating control'. Compensating controls do not correct the underlying vulnerability; instead, they help block known attack vectors. Examples of compensating controls include product reconfigurations, applying suggested firewall rules, or installing signatures that recognize and block malware.
Another compensating control is Tofino Security Profiles, available in Belden's Tofino Security product line. Tofino Security Profiles are rule and protocol definitions that address newly disclosed vulnerabilities. They provide a simple way for automation system vendors to create and securely distribute malware protection. Operators benefit from a single, easy-to-deploy package of tailored rules that can be installed without impacting operations. The result is that critical industrial infrastructure facilities can quickly and effectively defend themselves against new threats.
My research highlights the multiple challenges with patching for SCADA and ICS systems, remarked Eric Byres. To secure facilities, critical infrastructure operators should pursue a Defense in Depth strategy that includes patching when possible, and use compensating controls for protection when patching is not possible.
Starting today, Belden is publishing a series of blog articles on its patching research and is accompanying them with useful documents. These documents include:
Patching for Control System Security - A Broken Model?; a presentation that summarizes its patching research,
Patching for Control System Security - A Broken Model? a peer reviewed published paper,
and Solving the SCADA/ICS Security Patch Problem, a White Paper.
Visit: http://www.tofinosecurity.com/blog/scada-security-welcome-patching-treadmill for the first blog article.
Tofino Security provides practical and effective industrial network security and SCADA security products that are simple to implement and that do not require plant shutdowns. Its products include configurable security appliances with a range of loadable security modules plus fixed function security appliances made for specific automation vendor applications. Tofino Security products protect zones of equipment on the plant floor, and are complementary to Belden's Hirschmann brand, which leads industrial networking solutions. Both groups service and secure industrial networks in the oil and gas, utilities, transportation and automation industries. www.tofinosecurity.com
About Belden
St. Louis-based Belden Inc. designs, manufactures, and sells connectivity solutions for markets including industrial, enterprise, and broadcast. It has approximately 6,700 employees, and has manufacturing capabilities in North America, South America, Europe, and Asia, and a market presence in nearly every region of the world. Belden was founded in 1902, and today is a leader with some of the strongest brands in the signal transmission industry. For more information, visit www.belden.co
Most recent headlines
17/12/2025
Sports Broadcasting Hall of Fame Inducts 10 Industry Icons During Unforgettable ...
17/12/2025
ESPN to Debut MNF Playbook with Next Gen Stats, a New AI-Driven NFL Data-AltCastThe series, powered by Adrenaline TruPlay AI, launches Dec. 22 and runs through ...
17/12/2025
Inaugural Optum Golf Channel Games Debut Under the Lights' in Primetime on ...
17/12/2025
The right playlist is essential on New Year's Eve, building the energy as you get ready and keeping it high as you count down to midnight. This year, Spotif...
17/12/2025
eds3_5_jq(document).ready(function($) { $(#eds_sliderM519).chameleonSlider_2_1({...
17/12/2025
Audiences Watched Over 103 Billion Minutes of TV on Thanksgiving Day
NFL Games ...
17/12/2025
Share Share by:
Copy link
Facebook
X
Whatsapp
Pinterest
Flipboard...
17/12/2025
Share Share by:
Copy link
Facebook
X
Whatsapp
Pinterest
Flipboard...
17/12/2025
Share Share by:
Copy link
Facebook
X
Whatsapp
Pinterest
Flipboard...
17/12/2025
Share Share by:
Copy link
Facebook
X
Whatsapp
Pinterest
Flipboard...
17/12/2025
Share Share by:
Copy link
Facebook
X
Whatsapp
Pinterest
Flipboard...
17/12/2025
Share Share by:
Copy link
Facebook
X
Whatsapp
Pinterest
Flipboard...
17/12/2025
Share Share by:
Copy link
Facebook
X
Whatsapp
Pinterest
Flipboard...
17/12/2025
Share Share by:
Copy link
Facebook
X
Whatsapp
Pinterest
Flipboard...
17/12/2025
Share Share by:
Copy link
Facebook
X
Whatsapp
Pinterest
Flipboard...
17/12/2025
Share Share by:
Copy link
Facebook
X
Whatsapp
Pinterest
Flipboard...
17/12/2025
Share Share by:
Copy link
Facebook
X
Whatsapp
Pinterest
Flipboard...
17/12/2025
KPop Demon Hunters Stars Visit Berklee for Weeklong Celebration Andrew Choi and EJAE, who voiced the film's main characters and contributed to its soundtr...
17/12/2025
Wednesday 17 December 2025
Heated Rivalry will be coming to Sky and streaming service NOW on 10 JanuaryTurn on cookies to view this content. Go to Privacy opti...
17/12/2025
Back to All News
Inside The Unseen World Of Indian Customs: Netflix Reveals The...
17/12/2025
Back to All News
Netflix announces PAPARAZZI KING: the docu series coming to Ne...
17/12/2025
Back to All News
Netflix Unveils First Look at Jo Nesbo's Detective Hole Pr...
17/12/2025
Back to All News
Netflix Welcomes Warner Bros. Discovery Board Recommendation
Business
17 December 2025
Global
Link copied to clipboard
After Careful Revi...
17/12/2025
RT has announced that Kathy Fox has been appointed Commissioning Editor with re...
17/12/2025
The Hao AI Lab research team at the University of California San Diego - at the forefront of pioneering AI model innovation - recently received an NVIDIA DGX B...
17/12/2025
Editor's note: This post is part of Into the Omniverse, a series focused on ...
17/12/2025
With the new season of Dancing with the Stars shimmering in the not-too-distant future this New Year, the celebrity and dancer pairings of the twelve couples ha...
16/12/2025
Hawkins has landed on Spotify, just in time for Stranger Things Season 5, Volume...
16/12/2025
Wherever you are, your favorite music and audio content should go seamlessly with you. That's why Spotify has partnered with NAVER Corp, Korea's leading...
16/12/2025
2025 Wrapped arrived bigger and bolder than ever. This year's experience is designed to be ultra personal and shareable, with new features like Wrapped Part...
16/12/2025
Three 12-kilowatt Advanced Electric Propulsion System thrusters, supplied by L3Harris Technologies, form the core of Gateway's propulsion system. Pictured i...
16/12/2025
The challenge facing America's defense industrial base is not just about speed - its about rebuilding the foundation that makes speed possible. Our nations ...
16/12/2025
Share Share by:
Copy link
Facebook
X
Whatsapp
Pinterest
Flipboard...
16/12/2025
SEVILLE, Spain Canal Sur, the public broadcasting service for Andalusia, Spain, has completed a total technology refresh based on Pebble's resilient, softwa...
16/12/2025
NEW YORK Teleprompting hardware provider Telescript International has acquired all software code and intellectual property previously owned by Telescript West. ...
16/12/2025
As cable operators face increased competition from 5G fixed wireless access providers, a new report from Ookla Research finds that T-Mobile is the FWA speed lea...
16/12/2025
Apple has announced a major upgrade to the Apple TV app for device owners outside the Apple ecosystem with news that the Apple TV app for Android now supports G...
16/12/2025
Space42 grows Direct-to-Device partner ecosystem through a Memorandum of Underst...
16/12/2025
16 Dec 2025
VEON Announces Release Date for Full Year and Fourth Quarter 2025 R...
16/12/2025
16 Dec 2025
VEON's Kyivstar Invests in Renewable Energy in Ukraine with Acq...
16/12/2025
Back to All News
Emma Appleton, Fares Fares, Frida Gustavsson and Jakob Oftebro...
16/12/2025
Back to All News
Docu-reality My Korean Boyfriend Gets a Trailer and Premiere D...
16/12/2025
Harmonic's XOS Advanced Media Processor Improves Streaming Video Quality and Boosts Viewer Engagement SAN JOSE, Calif. - Dec. 16, 2025 - Harmonic (NASDAQ: ...
16/12/2025
RT Sport Awards 2025 live on RT One and RT Player at 8:05pm on Saturday 20 December.
On Saturday 20 December live on RT One and RT Player at the earlier t...
16/12/2025
Singer -songwriter Brian Kennedy has been announced as the final celebrity dance...
15/12/2025
Harlem Globetrotters Celebrate 100th Anniversary With New Brand Campaign From Th...
15/12/2025
Top L-R: La Tierra Del Valor (The Home of the Brave), Mangittatuarjuk (The Gnawe...
15/12/2025
L3Harris will leverage 15 years of experience supporting the E-4B Nightwatch and...
15/12/2025
CONWAY, Ark. In a notable example of how the loss of federal funding is forcing public stations to make massive cuts and operational changes, the statewide pub...
ST. LOUIS--(BUSINESS WIRE)--Belden Inc. (NYSE: BDC), a global leader in signal transmission solutions for mission-critical applications, announces that its Tofino Security brand has published new research showing that patching is often ineffective in providing protection from the multitude of vulnerability disclosures and malware targeting critical infrastructure systems today. While patching such systems is important as part of an overall Defense in Depth strategy, the difficulties of patching for industrial systems mean that compensating controls such as Tofino Security Profiles are often a better method of providing immediate protection. 
