|
The goal of the DHS National Cyber Security Division's CSSP is to reduce control system risks within and across all critical infrastructure sectors by coordinating efforts among federal, state, local, and tribal governments, as well as control systems owners, operators and vendors. The CSSP coordinates activities to reduce the likelihood of success and severity of impact of a cyber attack against critical infrastructure control systems through risk-mitigation activities. Two licensed distributors for the Control Systems Cyber Security Self-Assessment Tool The ISA Automation Standards Compliance Institute (ASCI) and Lofty Perch, Inc. are licensed distributors of the Control Systems Cyber Security Self-Assessment Tool (CS2SAT). This application, created by the Control Systems Security Program for the Department of Homeland Security National Cyber Security Division, was developed to assist SCADA and Process Control System users improve the cyber security posture of their control systems. Online training - OPSEC for Control SystemsThis innovative, web-based course introduces control systems employees to the basic concepts of operations security (OPSEC) and applies these concepts to the control system environment. Course lessons let you check your understanding of the concepts with interactive exercises in which you explore different environments to discover problems. You even have the opportunity to play the "bad guy" and try to disrupt a competitor's manufacturing process.Check out the training course OPSEC for Control Systems. Catalog of Control Systems Security: Recommendations for Standards DevelopersThis catalog presents a compilation of practices that various industry bodies have recommended to increase the security of control systems from both physical and cyber attacks. It is not limited for use by a specific industry sector but can be used by all sectors to develop a framework needed to produce a sound cyber security program. It should be viewed as a collection of recommendations to be considered and judiciously employed, as appropriate, when reviewing and developing cyber security standards for control systems. The recommendations in this catalog are intended to be broad enough to provide any industry using control systems the flexibility needed to develop sound cyber security standards specific to their individual security needs. |
What's NewCyber Security Procurement Language for Control Systems Version 1.8 has been posted by the MS-ISAC SCADA and Control Systems Procurement Project for review and comments ISA Automation Standards Compliance Institute (ASCI) to distribute DHS Lofty Perch to License DHS Control Systems Self Assessment Tool (CS2SAT) Forget the Silos, Build the Bridges and Infrastructure Protection in the Ancient World have been added to Articles "Securing Control System Modems" has been added to Recommended Practices.
HighlightsRoadmap to Secure Control Systems Among Advances Introduced at Water Security Congress The vision of the cyber security project is to design, install and maintain control systems that assure the water sector can operate with no loss of critical function both during and after a cyber attack. More... Three white papers, "Understanding OPC and How it is Deployed", "OPC Exposed", and "Hardening Guidelines for OPC Hosts" provide: an overview of OPC Technology and how it is actually deployed in industry; outline the risks and vulnerabilities incurred in deploying OPC in a control systems environment; and summarize current good practices for securing OPC applications running on Windows-based hosts. ReportingThe CSSP is interested in learning of suspicious cyber incidents which occur within or may have an impact on the control systems environment. Use the buttons to the left to report cyber-related incidents and vulnerabilities to the Control Systems Security Center at US-CERT.
|
Get Adobe Reader