The Department of Homeland Security's ICS-Cyber Emergency Response Team is helping owners and operators secure their industrial control systems.
Securing the industrial control systems (ICS) and supervisory control and data acquisition (SCADA) networks that are used to run everything from chemical refineries to power grids is a daunting job. The systems are linked to the Internet and, thus, vulnerable to hacks.
But unlike traditional enterprise networks whose common software and system architectures make it possible to secure vulnerabilities worldwide with a single patch, the typical ICS or SCADA system is not easy to patch.
As in other areas of critical infrastructure protection, ICS and SCADA risk mitigation falls to private owner-operators, as do the costs. The Department of Homeland Security (DHS) can, however, impart knowledge, which it does through the ICS-Cyber Emergency Response Team (ICS-CERT).
While the name evokes that of US-CERT, its partner in DHS that focuses on risks to the country’s IT networks, ICS-CERT’s work on process management networks has much in common with one of its closest collaborators in DHS, the Office of Infrastructure Protection (OIP), which helps owner-operators mitigate overall risk and boost resilience through site-assistance visits and risk assessment products.
The crux of ICS-CERT’s work lies in threat and vulnerability analysis, both sectorwide and at the owner-operator level. At the company or plant level, ICS-CERT helps in forensic incident response and vulnerability assessment, explains Sean McGurk, director of DHS’s Control System Security Program (CSSP), which oversees ICS-CERT.
(To keep reading "Guiding Control System Cybersecurity" from the October issue, click here .)
♦ Photo by by fhemerick/Flickr