This is part of a continuing series of blog posts about the
latest DHS-IdeaScale project to open a public dialog about homeland security
topics. This dialog
addresses the DHS Integrated Task Force project to help advance the DHS
implementation of the President’s Cybersecurity Framework outlined in EO 13636.
The earlier post in this series was:
New ICS Security Idea
Today Bryan Owen submitted
a new idea to the ITF-IdeaScale cybersecurity discussion site addressing
the establishment of a security reputation program to “to classify and rank the
security reputation for internet accessible assets”. This is the second ICS
related posting to the site.
ICS security professionals should review Bryan’s post on the
site and post their comments and cast their vote on the idea. While you’re
there check out my
post as well. And you might as well post an idea of your own. And facility
owners and control system operators should also consider getting involved in
these discussions.
LinkedIn Discussion
There has been an interesting discussion about my earlier
post on this topic over on the LinkedIn ICS-ISAC
group. Sam
Cox expressed some reservations about an open group discussion like this
IdeaScale program, noting that it is “unvetted and does not meet the security
needs many of my customers seek for professional collaboration”. He is correct
in noting that an open source group like IdeaScale is not an appropriate place
to discuss detailed security measures, but it is not clear that the
Cybersecurity Framework will include those kinds of details.
Posts
No comments:
Post a Comment