SCADA Regulation

Last week I wrote about a dream panel of witnesses for the US House of Representatives Committee on Homeland Security hearing titled: America is Under Cyber Attack: Why Urgent Action is Needed. Here is the actual and predictable list:

Mr. Shawn Henry
Former Executive Assistant Director
Criminal, Cyber, Response, and Services Branch
Federal Bureau of Investigation

Mr. James Lewis
Director and Senior Fellow
Technology and Public Policy Program
Center for Strategic and International Studies

Mr. Gregory C. Wilshusen
Information Security Issues
Government Accountability Office

Mr. Stuart McClure
Chief Technology Officer

Dr. Stephen E. FLynn
Founding Co-Director
George J. Kostas Research Institute for Homeland Security
Northeastern University

As expected, two witnesses from the US Government. GAO has done some recent audits of control systems and DHS’s control system security program so Mr. Wilshusen may cover ICS a bit. (easy jokes withheld) FBI is likely to give some generic statistics on threat that may be tied in implicitly with critical infrastructure ICS.

James Lewis of CSIS is a vocal proponent of government regulation of private, critical infrastructure ICS. It’s a bit surprising to see him on the panel of a Republican run committee, but perhaps protocol dictates the Democrat members get to invite some of the panel.

McAfee will speak to the volume of the threat that they see, and I’m not familiar with Dr. Flynn.

Image by ThatMakesThree