Monday, June 20, 2016

ICS-CERT and the Secure Portal

Long time readers of this blog will undoubtedly remember me discussing (see here and here for example) the ICS-CERT use of the US-CERT Secure Portal to initially share control system advisories with a limited audience to allow critical infrastructure facilities a chance to address those vulnerabilities before their existence became public knowledge. Over the weekend, the DHS ICS-CERT added a new page to their web site describing how to gain access to these early releases of ICS-CERT advisories.

The new page introduces a new name for the US-CERT Secure Portal, apparently it is now called the NC4 Mission Center secure portal. I say apparently because of search of the US-CERT web site contains no mention of that name. A Google search for the term does show a series of results for the NC4 Mission Center name (see here), but that is a trademarked name for an organization headquartered in el Segundo, CA that apparently markets the cybersecurity services to the government and private sectors. Interestingly, a search of the NC4 web site for the term ‘ICS-CERT’ turns up no results.

The NC4 websites appear to be very carefully written to foster some level of confusion about whether or not the organization is directly affiliated with the Federal government. See for example here; “Leveraging its U.S. Federal Government heritage and experience garnered from supporting over 100,000+ operational users for over a decade, NC4 brings organizations proven and trusted, web-accessible, secure communication and collaboration solutions.” Though, to be fair NC4 has apparently been around for some time since it was mentioned (pg 18) in a 2011 US Army War College paper (.PDF Download).

To avoid confusion, and stop inadvertently sending people to do business with NC4, ICS-CERT really does need to clear up this name issue and go back to using the US-CERT Secure Portal terminology that is apparently still in use in the rest of DHS.

Still, I highly recommend that any critical infrastructure security manager with any level of responsibility for control system security join ICS-CERT on the US-CERT Secure Portal. The early notification of selected control system advisories could be very beneficial. 

No comments:

/* Use this with templates/template-twocol.html */