CybersecurityManagementPhysicalSecurity NewswireCybersecurity News

CISA releases guide on securing industrial control systems

July 9, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) has released its five-year industrial control systems (ICS) strategy: Securing Industrial Control Systems: A Unified Initiative. The strategy—developed in collaboration with industry and government partners—lays out CISA's plan to improve, unify, and focus the effort to secure ICS and protect critical infrastructure.

CISA encourages users—including ICS and critical infrastructure partners—to review Securing Industrial Control Systems: A Unified Initiative for more information.

"Through this “One CISA” initiative, CISA will work with critical infrastructure (CI) owners and operators to build industrial control systems (ICS) security capabilities that directly empower ICS stakeholders to secure their operations against ICS threats. We will also work to improve CISA’s ability to anticipate, prioritize, and manage nationallevel ICS risk," says  Christopher Krebs, Director, Cybersecurity and Infrastructure Security Agency . 

According to CISA, this effort will be organized in four pillars:

  • PILLAR 1: Ask more of the ICS community, and deliver more to them.
  • PILLAR 2: Develop and utilize technology to mature collective ICS cyber defense. 
  • PILLAR 3: Build “deep data” capabilities to analyze and deliver information that the ICS community can use to disrupt the ICS Cyber Kill Chain. 
  • PILLAR 4: Enable informed and proactive security investments by understanding and anticipating ICS risk.

Krebs adds, "ICS security presents unique challenges. Traditional ICS devices used to manage industrial processes are difficult to secure without creating unacceptable disruptions to critical industrial processes. The largescale use of newer technologies—such as 5G cellular networks, artificial intelligence, pervasive machine-tomachine communications, and advanced data analytics— introduces both advantages and additional uncertainties and may significantly change the ICS risk landscape. Most importantly, because ICS manage physical operational processes, the increasing convergence of information technology (IT) and operational technology (OT) creates opportunities for exploitation that could result in catastrophic consequences, including loss of life, economic damage, and disruption of the National Critical Functions (NCFs)1 upon which society relies." 

For the full guide, visit https://www.cisa.gov/sites/default/files/publications/Securing_Industrial_Control_Systems_S508C.pdf

KEYWORDS: CISA cyber security Industrial Control Systems information security

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Related Articles

Related Products

See More ProductsSee More Products

Events

View AllSubmit An Event
  • October 22, 2012

    Industrial Control Systems Cyber-Security Conference

    ICS Cyber-Security is the conference where industrial control systems users, ICS vendors, system security providers and government representatives meet to discuss the latest cyber-incidents, analyze their causes and cooperate on solutions.
View AllSubmit An Event

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!