Industrial Control Systems Joint Working Group (ICSJWG)

The Cybersecurity and Infrastructure Security Agency (CISA) hosts the Industrial Control Systems Joint Working Group (ICSJWG) to facilitate information sharing and reduce the risk to the nation’s industrial control systems.

The ICSJWG provides a vehicle for communicating and partnering across all Critical Infrastructure (CI) Sectors between federal agencies and departments, as well as private asset owners/operators of industrial control systems. The goal of the ICSJWG is to continue and enhance the collaborative efforts of the industrial control systems stakeholder community in securing CI by accelerating the design, development, and deployment of secure industrial control systems.

CISA/ICSJWG developed a Fact Sheet for quick reference information about the ICSJWG: ICSJWG Fact Sheet.

ICSJWG Banner and Image

ICSJWG 2020 Spring Meeting | Salt Lake City, Utah

April 14 - 16, 2020

Save the Date

We are very pleased to officially announce the date of the ICJSWG 2020 Spring Meeting in Salt Lake City, Utah, from April 14 –16, 2020. Please share this “Save-the-Date” information with others who are interested in the ICSJWG and who wish to collaborate with us in our continuing information sharing efforts and dedication to protection of critical infrastructure.

Call for Abstracts

We are also pleased to distribute the Call-for-Abstracts for the 2020 Spring meeting.

Proposed abstracts for any Speaking Session or for a Vendor Expo booth must be submitted by 5:00 P.M. eastern time February 28, 2020. To submit an abstract for either a Speaking Session or Vendor Booth, interested individuals must complete an Abstract Submission Form and send it to

Submissions received after the deadline cannot be considered. 

After the submission closure date, all abstracts will be reviewed for inclusion in the Spring Meeting agenda. The Program Management Office will subsequently contact authors of accepted abstracts with detailed speaker guidance. Please contact us at for more information.

Registration Information

Registration for the meeting and at the venue will be available soon.

Additional Information

There is no cost to attend any of these events.  However, travel, accommodations, meals, beverages, and other incidental expenses are the responsibility of the event participant and will NOT be covered by ICSJWG, CISA, or DHS.

For additional information, please contact us at


Previous Meeting Information

Please find agendas for previous meetings below.

Contact the respective author(s) directly for copies of presentations.  

Please contact us if you have questions.

ICSJWG Newsletters

If you would like to submit an article or whitepaper of general interest pertaining to control systems security, please send it to for consideration. Submitted articles will be reviewed and approved by ICSJWG prior to publishing. Please note that marketing or sales presentations aimed at gaining the audience's interest in services, capabilities, or products cannot be approved.

Article submissions for the December 2019 edition are currently being accepted for review until December 9, 2019.

Copies of the current Newsletter and the previous three Quarter's Newsletters may be requested from

ICSJWG Products and Materials

NCCIC/ICSJWG Fact Sheet: ICS Cybersecurity for the C-Level (Six Questions Every C-Level Executive Should Be Asking).
"Common Industrial Control System Vulnerability Disclosure Framework" developed by the Vendor subgroup (July 2012).

ICSJWG Webinar Series

Our Webinar Series is designed to inform the membership and general public about solutions to threats, vulnerabilities, and risks to critical infrastructure and control systems. The search for outstanding and value-added topics is ongoing. Please feel free to send an abstract or short description of any webinar idea to and the Program Office will add it to the topic queue for review and possible inclusion into the series.  Our intent is to have a webinar each quarter of the year.  Please note that marketing or sales presentations aimed at gaining the audience's interest in services, capabilities, or products cannot be approved.

Upcoming Webinars

Secure Operations Technology - November 13, 2019 from 1 p.m. to 2:15 p.m. EST

Most OT security programs seek to "protect the information" - the CIA, AIC, IAC, or something of the information. Thoroughly-secured industrial sites though, do not "protect the information." Instead, such sites protect physical industrial operations from information, more specifically from cyber attacks that may be embedded in information. All cyber attacks are information after all, and every bit of information can encode an attack.

Secure Operations Technology is a perspective, a methodology, and a set of best practices used by thoroughly-secured sites - in addition to classic IT-SEC techniques. Since all cyber attacks are information, a comprehensive inventory of offline and online information flows into the critical network is also a comprehensive inventory of all possible attack vectors targeting the network. SEC-OT sites then take measures to physically block or otherwise discipline the entire inventory of inbound information/attack flows.

Presenter Andrew Ginter of Waterfall Security Solutions

Andrew Ginter leads a team responsible for industrial cyber-security research, contributions to standards and regulations, and security architecture recommendations for industrial sites. He is a coauthor of the Industrial Internet Consortium Security Framework and the author of a number of volumes, most recently, Secure Operations Technology (SEC-OT).

To register for this webinar, please send an email with your name, company, and sector from a work-related email address to

Past Webinars

Past webinar presentations which have been released are found below and may be requested from the Program Office through If they are still available, they will be forwarded to you upon request.

  • July 17, 2019 – Persistent Threat-Based Security for ICS Systems
  • March 2019 – Five Ways to Ensure the Integrity of Your Operations
  • September 2018 - The Top 20 Cyberattacks on Industrial Control Systems
  • January 2018 – Life After Ukraine: Industrial Control System Cybersecurity Industry Trends and Strategies
  • October 2017 – Creating Predictable Fail Safe Conditions for Healthcare Facility - Related Control Systems and Medical Devices by Use of System Segmentation
  • July 2015 – Protecting M2M Systems at the Edge
  • October 2014 – The New Paradigm for Information Security: Assumption of Breach
  • June 2014 – Online Real Time Monitoring for Change Identification
  • March 2014 – I Think, Therefore I Fuzz!

Membership in the ICSJWG

By adding you to our membership rolls, you will receive all outgoing messages to the ICSJWG community, including newsletters, meeting notifications, training information, calls for comments, and other announcements.

Volunteer participation, by contributing ideas, sharing information, or working toward solutions for CI security, is encouraged. To get involved supporting a working activity which addresses critical infrastructure security, please let us know your ideas and the ICJSWG Steering Team (IST) and Program Management Office (PMO) will consider them. To get involved with the ICSJWG in general, please contact us at