ICS Security News

Of course the big story was President Obama’s Executive Order Improving Critical Infrastructure Cyber Security with the key elements being information sharing and the development of the cybersecurity framework. The biggest potential impact is a possible future move to make the framework mandatory under some new regulation or envisioned executive authority (Section 10). The EO is not a bad thing, but I’ve believed for some time that the biggest impact on securing critical infrastructure ICS would be a more forthright effort by DHS to educate the USG, asset owners and vendors on the insecure by design issues in the ICS. I’ll try to write more on this next week.

Pathetic scare mongering from DHS Secretary Napolitano that the sequestration (mandatory budget cuts) could “significantly scale back cyber security infrastructure protections that have been developed in recent years”. DHS has had little impact on securing the critical infrastructure the last ten years so not a lot will be lost by a 7.6% budget cut. And if it is such a serious issue why would they cut there? That part of DHS is a very tiny slice.

The Department of Energy will award $20M for the development of  ICS cybersecurity tools. This is the same organization that funded Bandolier, and they tend to pick projects that meet objectives in the Energy Sector Roadmap.  

Tweet of the Week

[blackbirdpie id=”301704366434426880″]

Don’t forget to subscribe to this blog RSS feed and follow @digitalbond.com on twitter.

Worth Reading Articles

Critical Intelligence’s ICS Security Event Calendar Updates

Critical Intelligence provides reports and other information products on  Cyber Situational Awareness and Threat Intelligence services for Industrial Control System Owner/Operators, Vendors and Government stakeholders.

Image by chrisinplymouth