Meeting the Need for Industrial Cybersecurity Expertise

By Eric Cosman

ARC Report Abstract

Experienced Industrial Cybersecurity Professionals

Much has been written on the current imbalance between supply and demand for skilled and experienced Elements of Response ICS1.JPGcybersecurity professionals. While many related reports often focus on general-purpose IT cybersecurity, the situation is even more acute for industrial cybersecurity. Proficiency in that field requires more than expertise in IT security and network design. It also requires detailed knowledge and experience with various aspects of process design and control strategy development.

Public and private sector initiatives to better understand the specific needs and make plans for expanding the available pool of cybersecurity expertise have produced competency models and similar tools, leading to more detailed curricula and certification programs. Although these tools are necessary, skills development cannot be achieved through education alone. Practical experience is required, particularly in industrial cybersecurity, where the most effective response requires a thorough under-standing of potential consequences for the physical equipment and processes.

We Live in a Risky World

Several widely reported attacks were either directed at, or had indirect impact on industrial automation systems. Direct attacks have ranged from the Stuxnet attack of several years ago to more recent attacks on steel mills and other facilities.

ARC Advisory Group clients can view the complete report at ARC Client Portal on New Client Portal or Office 365 or on this website.

If you would like to buy this report or obtain information about how to become a client, please Contact Us


Engage with ARC Advisory Group