Organizations are increasingly preoccupied with strengthening the digital security of their industrial control systems (ICS). They heard about several high-profile ICS security incidents in 2016, so they’re now looking to take a more nuanced approach to protecting their operational technology (OT) environments. One way organizations can better protect their ICS systems is by encouraging their industrial security professionals to refer to trusted technical resource providers in the field.
Towards that end, here are seven providers professionals should use to defend their organizations’ industrial control systems.
1. Global Information Assurance Certification (GIAC)
Among the State of Security’s 10 respected providers of IT security training, the Global Information Assurance Certification (GIAC) offers more than 30 certifications to aspiring security professionals. Personnel working in industrial security should consider achieving two certifications in particular. The first certification, Global Industrial Cyber Security Professional (GICSP), is a vendor-neutral program that teaches enrollees how to balance IT, engineering, and digital security in protecting industrial control systems. The second accreditation, GIAC Response and Industrial Defense (GRID), teaches participants how to take an Active Defense approach towards securing an ICS network.
2. Industrial Control Systems Cyber Emergency Response Team (ICS-CERT)
Created by the U.S. Department of Defense (DoD), the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) partners with law enforcement, government of all levels, and industry actors to reduce digital risks posed to all critical infrastructure sectors. It helps all these actors remain aware of the latest threats by publishing advisories, alerts, security awareness reports, and other publications. For ongoing digital defense learning, ICS-CERT also provides hands-on and web-based training, and it works with ICS subject matter experts to make available recommended security practices as well as standards and recommendations.
3. Industrial Control System Information Sharing and Analysis Center (ICS-ISAC)
The Industrial Control System Information Sharing and Analysis Center (ICS-ISAC) is a non-profit organization whose mission is to “provide members and associated sectors practical information regarding the cybersecurity of their facilities.” Members of the Center enjoy access to real-time intelligence feeds that they can use to stay on top of the latest digital security threats confronting their industrial control systems; a secure membership portal from which they can coordinate their defensive measures; attendance to webinar events along with a regular conference; and regular briefings on evolving threats. They can also review additional information provided by dozens of separate knowledge centers.
4. International Society of Automation (ISA)
A part of the Automation Federation, the International Society of Automation (ISA) is a non-profit organization with 40,000 members worldwide that caters to industrial security professionals and other automation personnel. In cooperation with the American National Standards Institute, ISA has developed three standards specifying fundamental ICS terms and concepts, ICS security system requirements and security levels, and steps needed to create an ICS security program. It promotes security awareness of these standards via workforce development and training programs as well as professional certificate tracks. Additional industrial security system resources provided by ISA can be found here.
5. National Institute of Standards and Technology (NIST)
The National Institute of Standards and Technology (NIST) is a non-regulatory agency of the United States government that advances measurement science, standards, and technology. The laboratory is responsible for developing Guide to Industrial Control Systems (ICS) Security (PDF), a special publication which has gone through two revisions as of this writing. The document provides guidance on how professionals can secure ICS networks consisting of supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), and other control system configurations like programmable logic controllers (PLC) while observing each system’s performance, reliability, and safety requirements.
6. The SANS Institute
Another one of the State of Security’s 10 respected IT security training providers, the SANS Institute offers training in the classroom from a SANS-certified instructor, in a self-paced program that is conducted online, or in a mentored setting. Industrial security professionals can complete several courses with SANS to advance their careers, including two in partnership with GIAC to obtain GICSP and GRID certification. They can also deepen their knowledge on their own time via perusing SANS’ library of analyst surveys, whitepapers, and use cases as well as following its industrial control systems security blog.
SCADAhacker.com provides professional services designed to help personnel in critical infrastructure sectors secure their industrial control systems. Founded by Joel Langill, the director of critical infrastructure and SCADA representative for the Cyber Security Forum Initiative (CSFI), the ICS security resource center offers training through its online university. Its “Understanding, Assessing and Securing Industrial Control Systems” course, for example, provides students with sufficient knowledge to achieve GICSP certification through GIAC. SCADAhacker.com is also comprehensive in its library of ICS security vulnerabilities, whitepapers, standards, and events. Industrial security professionals can also make use of its toolsets, receive its newsletter, and read its blog.
Two More for the Road…
Once ICS professionals have referred to the trusted technical providers discussed above, they might want to consider dedicating some of their budget to investing in an industrial control solution. Tripwire and its parent company Belden both offer ICS security solutions. If they would rather take a more personalized approach, they can read Tripwire and Belden’s e-book on industrial security here.