Infrastructure spans a wide range of industries including electric power generation, electric transmission & distribution, water & wastewater, transportation, etc. Many of these industries are regulated and are subject to specific cybersecurity standards established by groups like FERC, NERC, NRC, etc. While gaps currently exist within these standards, companies are using sources like the IEC-62443 standards and NIST special publications to fill some of these gaps.
Regulations were a key focus of the 2018 ARC Industry Forum workshop on Trends and Developments in Infrastructure Cybersecurity. This session included short presentations by Nathan Faith (Exelon Generation), Jeff Shearer (SANS Institute), Joel Langill (AECOM), and David Lawrence (Duke Energy) regarding the challenges they face and the trends and developments they are observing in cybersecurity standards and guidelines. A panel discussion followed, in which session attendees were invited to offer comments and discuss their own issues and/or concerns.
Infrastructure Organizations and Challenges of Industrial Cybersecurity
Infrastructure organizations provide a wide range of essential services like energy, water, transportation, telecommunications, public safety, and healthcare. Often, these operations support large populations across broad geographical areas. As their mission is critical to public and economic well-being, many are subject to regulations on safety, reliability and quality of service. The potential impacts of a cyber-attack can be widespread and severe, affecting an organization’s financial performance and reputation, as well as the public and the economy. Impacts are further amplified when complex infrastructure equipment must be replaced or repaired.
If you would like to buy this report or obtain information about how to become a client, please Contact Us
Keywords: Industrial Cybersecurity, Cyber Security, OT, ICS, Industrial IoT, ARC Advisory Group.