ISA OT Cybersecurity Summit concludes as focus shifts to cybersecurity training

The International Society of Automation (ISA) held its OT Cybersecurity Summit in Aberdeen, Scotland, bearing in mind the city’s strategic position in the energy sector. The Summit brought together in-person and online delegates, and operators, service providers, regulators, and equipment suppliers were able to meet in person and discuss topics pertinent to their individual supply chains and potential vulnerabilities.

Held last week, the OT Cybersecurity event focused on the leading international standards and conformance systems that are being used to keep OT (operational technology) safe and secure in industries such as energy, manufacturing, and building automation. Developments within the ISA/IEC 62443 standards series were also highlighted, and technical training and certification programs designed to help implement the standards into business operations and workforce were reviewed.

Regulators in the North Sea are asking contractors detailed questions about OT cybersecurity, especially on operations classified as critical infrastructure. This increased scrutiny has resulted in more detailed contractual requirements. Insurance companies are also looking for specific details before writing a cybersecurity policy.

The two-day event, which focused on cybersecurity training, featured a welcome from Aberdeen Lord Provost Dr David Cameron and addresses from keynote speakers, including Cheri Caddy, deputy director at the US Office of the National Cyber Director, and Megan Samford, vice president and chief product security officer for energy management at Schneider Electric. They were joined by hand-picked subject matter experts from the U.S. and U.K. who presented real-world applications of the ISA/IEC 62443 consensus-based automation and control systems cybersecurity standards.

“Attracting more than 120 in-person and online delegates to our first-ever UK event of this kind is a clear demonstration of the appetite which exists for learning and networking opportunities focused on cybersecurity in operational technology environments,” Claire Fallon, ISA executive director, said in a media statement. “Two additional ISA events are planned for 2023 in the US and Australia that will focus on digital transformation, cybersecurity, and other leading topics in automation.” 

Fallon added that the association looks forward to “returning to the UK in the future to ensure that we continue to share knowledge and advocate for standards-based OT cybersecurity practices.”

“I am very proud of how far #ICS4ICS has come,” Samford wrote in a LinkedIn post. “It’s a unique perspective to have something that was just an idea a few short years ago be adopted internationally from a largely grassroots movement. Heard some awesome updates yesterday the International Society of Automation (ISA) ICS4ICS tabletop exercise. Numerous governments from around the world are requesting 5-day training sessions!”

ICS4ICS stands for Incident Command System for Industrial Control Systems, which has been designed to improve global industrial control system cybersecurity incident management capabilities. ICS4ICS will leverage the Incident Command System, as outlined by FEMA, for response structure, roles, and interoperability. ISA Global Cybersecurity Alliance (ISAGCA) joined forces with the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and cybersecurity response teams from more than 50 participating companies to adopt the Incident Command System,

Samford also provided details about how the incident command system (ICS) improves emergency response efforts in several ways. She highlighted standardization, collaboration, flexibility, clear command structure and effective resource management in her post.

“ICS provides a standardized, structured approach to emergency response that enables emergency responders to work together seamlessly, regardless of their agency or organization. This allows for effective communication, coordination, and collaboration between different emergency responders,” Samford wrote. “ICS facilitates coordination and collaboration between multiple agencies and organizations by establishing clear roles, responsibilities, and communication protocols. This allows emergency responders to effectively work together to manage the incident.”

She added that ICS is a flexible system that can be adapted to respond to different types of incidents, from natural disasters to hazardous materials incidents, to CYBER. This ensures that emergency responders are able to effectively respond to any situation. “ICS establishes a clear command structure, with a single Incident Commander who is responsible for managing the response effort. This ensures that decisions are made quickly and effectively, and that resources are deployed where they are needed most.”

She also said that ICS facilitates effective resource management by providing a framework for identifying and prioritizing resource needs, and for deploying resources in the most effective manner. “This helps to ensure that emergency responders have the resources they need to respond to the incident. Overall, the incident command system enables emergency responders to effectively and efficiently manage emergency response efforts, improving the safety of the public and responding personnel alike,” she added.

In April, the ISAGCA announced its new advisory board leadership for 2023-2024, with Matt Bohne, vice president and chief product cybersecurity officer at Honeywell, taking charge as the chair. Chris McLaughlin, chief information security officer (CISO) at Johns Manville (JM), takes over as vice chair of the advisory board. Chief among the goals of the ISAGCA is broad awareness and understanding of the ISA/IEC 62443 series of consensus-based cybersecurity standards for automation and control system applications.

Cybersecurity training is on the cards these days. The U.S. Department of Energy (DOE) Office of Cybersecurity, Energy Security, and Emergency Response (CESER) and the State, Local, Tribal, and Territorial (SLTT) team announced last week that they partnered with the National Association of State Energy Officials (NASEO), National Governors Association (NGA), and the National Association of Regulatory Utility Commissioners (NARUC) to host cross-agency training. 

The initiative helped prepare participants to face severe and frequent threats to energy systems, including storms, natural disasters, physical attacks, and cybersecurity threats, while also building relationships and connections that strengthen overall security and resilience posture. “Ensuring that our nation’s critical infrastructure is resilient against physical and cybersecurity threats is a top priority for the Department of Energy (DOE), and we are committed to working closely with Federal, state, and industry partners to do so.”

The event also gave CESER the valuable opportunity to hear from state officials responsible for energy security planning on the challenges they face, best practices they rely on, and specific ideas on how DOE can better support their planning efforts.
