ICS Security News

Sorry for the delay, but lot’s of news.

ISASecure has launched the System Security Assurance (SSA) certification — “a system-level cybersecurity certification for industrial automation and control systems (IACS) products.” Very ambitious and something we will write more about in upcoming weeks. The CSSC in Japan is planning on supporting this certification as well.

Version 1.0 of the US Government’s Cybersecurity Framework was issued on Wednesday. Cynthia Brumfield at CSO has a nice summary of the changes.

Related and more newsworthy was DHS’s announcement that same day of the Critical Infrastructure Cyber Community (C³) voluntary program. This is the first major effort to encourage use of the CSF.

Rockwell Automation endorsed use of the Cybersecurity Framework for manufacturers. It will be interesting to see how their insecure by design products would be treated by the CSF. Of course manufacturers can continue to accept the risk for decades.

The UK Government plans to run an exercise on the cyber resilience of critical infrastructure.

Bit9 raised $38M in venture capital and merged with Carbon Black. Bit9 has had some success penetrating the ICS space.

From Iran’s supreme leader Ayatollah Khamenei, “You are the cyber-war agents and such a war requires Ammar-like insight and Malik Ashtar-like (two Prophet’s Companions in early Islamic history) resistance; get yourselves ready for such war wholeheartedly.”

Yokogawa announced field wireless products that will support both WirelessHART wired HART and ISA100.11A.

Walt Boyes has some interesting videos of the ARCForum press conferences.

Image by TooFarNorth