The “Reporting” tab includes links for reporting control systems incidents (this leads to a reporting form with a cursory description of what constitutes a ‘control system incident’. Actually, this brief and very inclusive description is probably very valuable in bringing in the widest volume of incidents that affect cyber control systems. This would allow CCSP to weed out the non-cyber incidents instead of pre-empting good reports that might not fall under a more specific description. ICSJWG Page The ICSJWG page provides updated information on the Spring 2010 Conference that I had briefly reported in a previous blog. The new information includes the actual location of the conference in Austin, TX (JW Marriott San Antonio Hill Country Hotel and Conference Center), a link to a one-page brochure about the conference, and a link to the conference registration page. There is also a ‘Call for Papers’ announcement on the page, though the link for the electronic submission of proposal abstracts has not yet been established. The program committee has provided a non-exhaustive list of topics that they are looking to have covered at the conference. These include:Catalog of Control Systems Security: Recommendations for Standards Developers (pdf), Cyber Security Procurement Language for Control Systems (pdf), Developing an Industrial Control Systems Cybersecurity Incident Response Capability (pdf), and
Workforce Development, Control Systems Security Research, International Coordination, Standards Development, Incident Handling, Vulnerability Management, Emerging Technologies, Managing Vendor Relations, Integration of Cryptographic Technologies, Security Management Metrics, Wireless Integration in ICS environments, and Coordination of Threat Reporting.I am always amazed (not really) when there is a noticeable lack of cross fertilization of ideas and topics in the various parts of the Department. Particularly amusing here is that the one regulatory program that is actively trying to deal with industrial control system issues is not mentioned in the program committee’s list of topics. I would have liked to see CFATS cyber security issues get some prominent mention in this forum. As more information becomes available on the ICSJWG Spring Conference, it will certainly be mentioned here in this blog.
No comments:
Post a Comment