I had the chance to interview Marty Edwards who leads the ICS cyber security effort at the US Department of Homeland Security (DHS).

The first 6 minutes introduce Marty and clarify what ICS-CERT does (it’s much more than a CERT).

  • 6:50: What are ICS-CERT’s goals / metrics / measures of success?
  • 9:05: What is the purpose of DHS doing ICS assessments? and 13:13 If this assessment program is the best way to make a difference, why wouldn’t you scale it up by a factor of 1000 or more?
  • 17:00 How do you (ICS-CERT) decide what incidents require a response team from DHS to get involved?
  • 22:26 Are most of the incidents ICS-CERT responses to on the corporate network?
  • 26:20 Why is DHS providing free training, assessment, incident response and other services for large companies when a commercial capability exists?
  • 29:20 How well do the higher levels of the US Government, in all branches, understand the ICS cyber security problem?
  • 33:52 A discussion on how ICS-CERT handles the CERT activities.