Federal Agency Launches Initiative to Enhance Security for Industrial Control Systems

Cybersecurity is a growing challenge for industrial enterprises that operate SCADA (Supervisory Control and Data Acquisition) and ICS (Industrial Control System) devices. Many manufacturing and energy companies that have invested in outdated SCADA systems are particularly vulnerable to cybersecurity threats, such as ransomware. With SCADA system life cycles reaching 15 years or longer, older devices may be more sensitive or may not be compatible with newer computers and protection measures. This makes them more vulnerable to cyberattack, which can lead to breaches of physical plant operations, environmental controls, or even life- threatening safety failures.

Typically, the SCADA system functions as an active operation’s nervous system, notifying operators of failed activities, errors and equipment that is functioning out of tolerance. Data from a comprehensive SCADA system permeates an organization’s business processes by:

• Driving maintenance and safety programs
• Informing operational efficiency assessments
• Providing details for capital investment decisions
• Incorporating the data into the Enterprise Risk Management function

Because SCADA systems provide such foundational and pervasive data, if it is inaccurate or compromised, the impact on a business can be dramatic. Furthermore, as interconnectivity and automation of operations increases, the risk of outside actors or insufficiently controlled processes impacting your operations is rapidly escalating.

In response to growing cybersecurity threats and risk management issues, the Cybersecurity and Infrastructure Security Agency (CISA) recently announced an initiative to strengthen and secure industrial control systems.

CISA was created in 2018. Part of the federal Department of Homeland Security, it is responsible for functions previously performed by the U.S. Computer Emergency Readiness Team (US-CERT) and the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT).

The new CISA initiative signals the federal agency’s intention to bring resources and focus to ICS security to drive meaningful, measurable and sustainable change.

As stated in its report describing the initiative, CISA’s vision is to achieve a collective approach with industry and government that will: 

• Empower the ICS community to defend itself
• Inform ICS investments and proactive risk management of NCFs
• Unify capabilities and resources of the Federal Government
• Move to proactive ICS security
• Drive positive, sustainable, and measurable change to the ICS risk environment

While taking responsibility for leading the initiative, CISA calls on the private sector to participate. In the first of four pillars that will guide its efforts, CISA aims to “Ask more of the ICS community, and deliver more to them.”

The initiative places significant emphasis on developing and implementing joint ICS security capabilities, mapping and identifying the degree to which specific national critical functions (NCFs) depend on ICS, and elevating and prioritizing ICS security around a unified “One CISA” strategy.

We understand that stakeholders are faced with balancing the unique considerations from operating ICS & SCADA environments and the overall risk and security posture of the organization. This in addition to discerning acronyms and industry jargon, know we are here to help. For more information about SCADA and ICS risk and security, contact us.

Authored by Trip Hillman, CISSP, GPEN, GCWIN, GSNA, CISA, GCFE, CEH. 

© 2020